service: example provider: name: aws runtime: nodejs14.x functions: example: description: An example lambda function handler: example.handler memorySize: 256 role: LambdaRole environment: DYNAMODB_TABLE: !Ref DynamoDBExampleTable resources: Resources: DynamoDBExampleTable: Type: AWS::DynamoDB::Table Properties: TableName: example SSESpecification: SSEEnabled: true BillingMode: PAY_PER_REQUEST AttributeDefinitions: - AttributeName: pk AttributeType: S - AttributeName: sk AttributeType: S - AttributeName: sk2 AttributeType: S KeySchema: - AttributeName: pk KeyType: HASH - AttributeName: sk KeyType: RANGE GlobalSecondaryIndexes: - IndexName: pk-sk2 KeySchema: - AttributeName: pk KeyType: HASH - AttributeName: sk2 KeyType: RANGE Projection: ProjectionType: ALL LambdaRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: lambda.amazonaws.com Action: sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole Policies: - PolicyName: dynamodb PolicyDocument: Statement: - Effect: Allow Action: - 'dynamodb:BatchGetItem' - 'dynamodb:BatchWriteItem' - 'dynamodb:PutItem' - 'dynamodb:DeleteItem' - 'dynamodb:GetItem' - 'dynamodb:Scan' - 'dynamodb:Query' - 'dynamodb:UpdateItem' - 'dynamodb:PartiQL*' Resource: - !GetAtt DynamoDBExampleTable.Arn - !Sub - ${Table}/* - Table: !GetAtt DynamoDBExampleTable.Arn