serverless-plugin-lambda-account-access
Add policies and/or roles to allow cross-account access to your functions.
Usage Example
serverless.yml
service: sample
plugins:
- serverless-plugin-lambda-account-access
provider:
access:
groups:
api:
role:
- name: sample-${self:custom.stage}-lambda-api-${self:custom.region}
principals:
- 222222222222
- 'arn:aws:iam::333333333333:root'
- Fn::Import: cloudformation-output-arn-2
allowTagSession: True
maxSessionDuration: 3600
policy:
principals:
- 111111111111
- 'arn:aws:iam::222222222222:root'
- Fn::Import: cloudformation-output-arn
other:
policy:
principals: 333333333333
functions:
function1:
function2:
allowAccess: api
function3:
allowAccess:
- api
- other