I’ve tried a bunch of different ways, Fn::Join, Get:Att, but upon deployment it fails with "Invalid bucket policy syntax"
Any idea what’s going wrong? After reading some forum posts and the wiki I’m pretty sure I’m doing it right.
Any help would be greatly appreciated, thanks!
Here’s the resources section of my serverless.yml
resources:
Resources:
MyBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.bucket}
AccessControl: 'PublicRead'
MyBucketPolicy:
DependsOn: MyBucket
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: MyBucket
PolicyDocument:
Version: '2012-10-17'
Statement:
- Sid: AllowPublicRead
Effect: Allow
Principal: '*'
Action:
- s3:GetObject
Resource:
"Fn::GetAtt":
- MyBucket
- Arn
- Sid: AllowLambdaPutObject
Effect: Allow
Principal:
"Fn::GetAtt":
- IamRoleLambdaExecution
- Arn
Action:
- s3:PutObject
- s3:PutObjectAcl
Resource:
"Fn::GetAtt":
- MyBucket
- Arn