We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
2 parents c84f738 + 2e2e70f commit f0c5996Copy full SHA for f0c5996
template.yaml
@@ -26,6 +26,22 @@ Resources:
26
ServerSideEncryptionConfiguration:
27
- ServerSideEncryptionByDefault:
28
SSEAlgorithm: AES256
29
+ LambdaZipsBucketPolicy:
30
+ Type: AWS::S3::BucketPolicy
31
+ Properties:
32
+ Bucket:
33
+ Ref: LambdaZipsBucket
34
+ PolicyDocument:
35
+ Statement:
36
+ - Effect: Deny
37
+ Action: "s3:*"
38
+ Principal: "*"
39
+ Resource:
40
+ - !Sub 'arn:aws:s3:::${LambdaZipsBucket}'
41
+ - !Sub 'arn:aws:s3:::${LambdaZipsBucket}/*'
42
+ Condition:
43
+ Bool:
44
+ aws:SecureTransport: false
45
46
ProducerLambda:
47
Type: AWS::Lambda::Function
0 commit comments