forked from serverless-components/backend
-
Notifications
You must be signed in to change notification settings - Fork 0
/
utils.js
37 lines (35 loc) · 878 Bytes
/
utils.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
const getPolicy = (permissions) => {
if (permissions === 'admin') {
// user explicitly specified admin permissions
return {
arn: 'arn:aws:iam::aws:policy/AdministratorAccess'
}
} else if (permissions && permissions.length !== 'undefined') {
// user specified their own simple permissions
return {
Version: '2012-10-17',
Statement: [
{
Action: permissions,
Effect: 'Allow',
Resource: '*'
}
]
}
} else if (typeof permissions === 'object') {
// user specified their own policy
return permissions
}
// by default return a policy with access to only dynamodb & logs
return {
Version: '2012-10-17',
Statement: [
{
Action: ['dynamodb:*', 'logs:*'],
Effect: 'Allow',
Resource: '*'
}
]
}
}
module.exports = { getPolicy }