cdk/cdk/stack.py [121:148]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - statements=[ # Lambda iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ "lambda:*", ], resources=[ f"arn:aws:lambda:{core.Aws.REGION}:{core.Aws.ACCOUNT_ID}:function:{self.lambdamap_function_name}", f"arn:aws:lambda:{core.Aws.REGION}:{core.Aws.ACCOUNT_ID}:function:{core.Aws.STACK_NAME}*", ] ), # S3 iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ "s3:*" ], resources=[ f"arn:aws:s3:::{construct_id.lower()}*", ] ), # SageMaker iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - cdk/cdk/stack.py [223:250]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - statements=[ # Lambda iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ "lambda:*", ], resources=[ f"arn:aws:lambda:{core.Aws.REGION}:{core.Aws.ACCOUNT_ID}:function:{self.lambdamap_function_name}", f"arn:aws:lambda:{core.Aws.REGION}:{core.Aws.ACCOUNT_ID}:function:{core.Aws.STACK_NAME}*", ] ), # S3 iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ "s3:*" ], resources=[ f"arn:aws:s3:::{construct_id.lower()}*", ] ), # Logging iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -