What would be the fastest way to attach function policy to Lambda?
I hoped that we can do it while creating Lambda:
(allow Lambda to be invoked only by Cognito)
Resources: SomeFunction: Type: AWS::Serverless::Function Properties: CodeUri: URL FunctionName: SomeFunction Policies: - Statement: - StatementId: AllowToInvokeFromCognito Effect: Allow Action: lambda:InvokeFunction Principal: cognito-idp.amazonaws.com
But I gor errors about malformed policy.
Do I need to first create role?