I am trying to pass a list of Lambda policies into my CloudFormation script via parameters. I have found some examples of how to do this; however, when I try to split my LambdaPolicies parameter, it gives the error "Value of property ManagedPolicyArns must be of type List of String".

AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Description: 
  An AWS Lambda application that calls the Lambda API.

Parameters:
  - LambdaName
  - LambdaVersion
  - LambdaCodeUriKey
  - LambdaCodeUriBucket
  - LambdaHandler
  - LambdaRuntime
  - LambdaTimeout
  - LambdaMemory
  - LambdaDescription
  - LambdaPolicies
  - LambdaTracing

Parameters:
  LambdaName:
    Description: The name of the Lambda function, this will be viewable within the AWS Management Console
    Type: String
    AllowedPattern: ^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$
    ConstraintDescription: The parameter must only contain Uppercase and lowercase letters and numbers
  LambdaVersion:
    Description: The version number for the component
    Type: String
    AllowedPattern: ^[0-9]+\.[0-9]+\.[0-9]+$
    ConstraintDescription: The parameter must match the following pattern for version. 10.2.3
  LambdaCodeUriKey:
    Description: The path to the Lambda code within the S3 bucket
    Type: String
  LambdaCodeUriBucket:
    Description: The name of the S3 bucket containing the Lambda code
    Type: String
    Default: 'default-s3-bucket'
  LambdaHandler:
    Description: The name for the Lambda handler which triggers the function
    Type: String
    Default: 'Handler::Handler.Bootstrap::ExecuteFunction'
  LambdaRuntime:
    Description: The name for the Lambda runtime
    Type: String
    Default: 'dotnetcore3.1'
  LambdaTimeout:
    Description: The timeout to be assigned to the Lambda function in seconds
    Type: Number
    Default: 30
  LambdaMemory:
    Description: The memory to be assigned to the Lambda function in MB
    Type: Number
    Default: 512
  LambdaPolicies:
    Description: A comma delimited list of Lambda policies to be assigned to the function
    Type: String
    Default: "AWSLambdaBasicExecutionRole,AWSLambda_ReadOnlyAccess,AWSXrayWriteOnlyAccess"

Resources:
  function:
    Type: AWS::Serverless::Function
    Properties:
      Handler: Handler::Handler.Bootstrap::ExecuteFunction
      Runtime: dotnetcore3.1
      CodeUri:
        Bucket: !Ref LambdaCodeUriBucket
        Key: !Ref LambdaCodeUriKey
      Description: Call the AWS Lambda API
      Timeout: 30
      MemorySize: 512
      # Function's execution role
      Policies: !Split [',', !Ref LambdaPolicies]
      Tracing: Active

Below is an example of what I am trying to create via my parameter:

Policies:
  - AWSLambdaBasicExecutionRole
  - AWSLambda_ReadOnlyAccess
  - AWSXrayWriteOnlyAccess
DanBarber
  • Why do you use "join"? LambdaPolicies, based on the default value, is a comma-separated string. And executing !Split [',' , !Ref LambdaPolicies] should return the list of strings. – Encho Solakov Apr 13 '21 at 22:55
  • @EnchoSolakov I was trying to see if this [example](https://stackoverflow.com/questions/49035760/how-do-i-use-nested-lists-or-append-to-a-list-in-cloudformation) would help resolve my problem, but unfortunately it did not. – DanBarber Apr 13 '21 at 23:13
