@yankeeinlondon no worries. All part of learning. You won’t be able to use it in that part of the serverless.yml
.
See this example
service: foo
provider: # Not CloudFormation
name: aws
iamRoleStatements: # You can use CloudFormation here
...
functions: # Not CloudFormation
....
resources:
Resources: # This section is CloudFormation
SomeResource:
Type: AWS::IAM::Role
...
# something like this to build an ARN
Resource:
Fn::Sub: 'aws:ec2:${AWS::Region}:${AWS::AccountId}:xxxxx:xxx/*'
If you’re just using the AccountId from IAM you should be able to use it directly rather than through a custom property.
Hope that makes sense. P.S. it’s off the top of my head so there might be syntax issue but should be close