While creating a DynamoDB stream via Serverless, we are getting the error below:
```
Serverless Error ---------------------------------------

An error occurred: IamRoleLambdaExecution - The policy failed legacy parsing (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: 2ef8eff1-5a80-11e8-a9a4-65fc1d91e8d7).
```
Our serverless.yml file looks like this:
```yaml
service: dynamodb-trigger-service

provider:
  name: aws
  runtime: nodejs8.10
  stage: dev
  region: us-east-1
  environment:
    PARENT_DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage}_parent
    CHILD_DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage}_child
  iamRoleStatements:
    - Effect: Allow
      Action:
        - dynamodb:DescribeStream
        - dynamodb:GetRecords
        - dynamodb:GetShardIterator
        - dynamodb:ListStreams
        - dynamodb:Query
        - dynamodb:Scan
        - dynamodb:GetItem
        - dynamodb:PutItem
        - dynamodb:UpdateItem
        - dynamodb:DeleteItem
      Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:#{AWS.AccountId}:table/${self:provider.environment.PARENT_DYNAMODB_TABLE}/stream/*"
    - Effect: Allow
      Action:
        - dynamodb:Query
        - dynamodb:Scan
        - dynamodb:GetItem
        - dynamodb:PutItem
        - dynamodb:UpdateItem
        - dynamodb:DeleteItem
      Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:#{AWS.AccountId}:table/${self:provider.environment.CHILD_DYNAMODB_TABLE}"

package:
  exclude:
    - node_modules/@types/**
    - node_modules/@serverless/**
    - '@types/**'
  include:
    - src/**
    - '!src/**/*.spec.ts'

plugins:
  - serverless-plugin-typescript
  - serverless-offline

functions:
  events_trigger:
    handler: src/events/index.trigger
    events:
      - stream: arn:aws:dynamodb:${opt:region, self:provider.region}:#{AWS.AccountId}:table/${self:provider.environment.PARENT_DYNAMODB_TABLE}/stream/*

resources:
  Resources:
    parentTable:
      Type: 'AWS::DynamoDB::Table'
      DeletionPolicy: Delete
      Properties:
        AttributeDefinitions:
          -
            AttributeName: identifier
            AttributeType: S
        KeySchema:
          -
            AttributeName: identifier
            KeyType: HASH
        ProvisionedThroughput:
          ReadCapacityUnits: 5
          WriteCapacityUnits: 5
        StreamSpecification:
          StreamViewType: NEW_AND_OLD_IMAGES
        TableName: ${self:provider.environment.PARENT_DYNAMODB_TABLE}
    childTable:
      Type: 'AWS::DynamoDB::Table'
      DeletionPolicy: Delete
      Properties:
        AttributeDefinitions:
          -
            AttributeName: identifier
            AttributeType: S
        KeySchema:
          -
            AttributeName: identifier
            KeyType: HASH
        ProvisionedThroughput:
          ReadCapacityUnits: 5
          WriteCapacityUnits: 5
        TableName: ${self:provider.environment.CHILD_DYNAMODB_TABLE}
```
Any help is appreciated.