@gdestuynder
Created September 30, 2019 21:47
AWSTemplateFormatVersion: "2010-09-09"
Description: User that can trigger serverless.com lambda functions, meant for auth0 rules-hooks
Parameters:
  PublisherFunctionArn:
    Type: String
    Description: The publisher function ARN
    Default: arn:aws:lambda:us-west-2:320464205386:function:auth0-publisher-dev-handler
Resources:
  # Role assumable by the Lambda service; no permissions policy is attached here.
  AZRunnerRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
            Action:
              - sts:AssumeRole
  # IAM user whose only permission is invoking the publisher function.
  AZRunnerUser:
    Type: AWS::IAM::User
    Properties:
      Policies:
        - PolicyName: AllowInvokeLambda
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - lambda:InvokeFunction
                  - lambda:InvokeAsync
                Resource:
                  - !Ref PublisherFunctionArn
  # Long-lived access key for the user; incrementing Serial rotates the key.
  AZRunnerAccessKey:
    Type: AWS::IAM::AccessKey
    Properties:
      Serial: 20190930
      Status: Active
      UserName: !Ref AZRunnerUser
# Stack outputs are readable by any principal allowed to call
# cloudformation:DescribeStacks on this stack, including the secret key below.
Outputs:
  AZRunnerUserName:
    Description: The username of this user
    Value: !Ref AZRunnerUser
  AZRunnerAccessKeyId:
    Description: The AWS API Access Key ID
    Value: !Ref AZRunnerAccessKey
  AZRunnerSecretAccessKey:
    Description: The AWS API Access Key secret key
    Value: !GetAtt AZRunnerAccessKey.SecretAccessKey