Closed joemilacek closed 2 years ago
Hi @joemilacek, thanks for reaching out! Looking at your example, my guess is this is coming from a CloudFormation Template? Those are slightly different from the plain IAM policy documents this tool is intended for.
Using only the PolicyDocument
part and stripping out CF-specifics (the FN::Sub
in your example) would convert:
{
"Version": "2012-10-17",
"Statement":
{
"Effect": "Allow",
"Action": [
"lambda:Get*",
"lambda:List*",
"lambda:CreateFunction",
"lambda:DeleteFunction",
"lambda:CreateFunction",
"lambda:DeleteFunction",
"lambda:UpdateFunctionConfiguration",
"lambda:UpdateFunctionCode",
"lambda:PublishVersion",
"lambda:CreateAlias",
"lambda:DeleteAlias",
"lambda:UpdateAlias",
"lambda:AddPermission",
"lambda:RemovePermission",
"lambda:InvokeFunction"
],
"Resource": ["arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:${AppId}-*"]
}
}
Now, beyond this, you actually raise two good, more general points:
What do you think?
I've had a bit of time today so I've tried to make some improvements:
I'm closing this issue for now, feel free to reopen if you feel there's more to be done
I keep pasting different sections of IAM policy JSON into the web converter and nothing happens. Which section of policy do I start at? Can I include multiple policies in one? The tool isn't giving me any feedback.
This sounds great but it is not working for me without some more specific information.
For example:
...results in nothing:
Other pastes w/ actual formatting issues do give some error output, so it's not like the whole web app isn't working for me.
I'm sure I'm doing something wrong, but if it's not too much trouble to hint at what it could be, that would be awesome!
This could just be my ignorance though!!