I'm trying to attach the CloudFormationDescribeStacksPolicy to a Lambda in my SAM template file like so,
getEnvironment:
Type: AWS::Serverless::Function
DependsOn: AppTable
Properties:
Handler: src/getEnvironment.handler
Description: Get environment details
Policies:
- DynamoDBCrudPolicy:
TableName: !Ref AppTable
- CloudFormationDescribeStacksPolicy
Events:
ClientApi:
Type: Api
Properties:
RestApiId: !Ref ClientApi
Path: /environment
Method: GET
But the CloudFormation deployment fails with,
CREATE_IN_PROGRESS AWS::IAM::Role getEnvironmentRole ARN CloudFormationDesc
ribeStacksPolicy is
not valid. (Service:
Iam, Status Code: 400,
Request ID:
Any idea what the issue might be here?
According to AWS SAM policy templates documentation (https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html): "If a policy template does not require any placeholder values, you must specify an empty object"
Try:
Policies:
- CloudFormationDescribeStacksPolicy: {}