forked from functionalone/serverless-iam-roles-per-function
How to add conditions to the IAM role statements for a specific function #154
Open
Description
Here's a basic example of what I'd like to be able to do:
```yaml
service: my-service

provider:
  name: aws
  runtime: nodejs18.x

plugins:
  - serverless-iam-roles-per-function

functions:
  myFunction:
    handler: handler.myFunction
    iamRoleStatements:
      - Effect: Allow
        Action:
          - dynamodb:Query
          - dynamodb:Scan
        Resource: arn:aws:dynamodb:us-east-1:123456789012:table/my-table
        Condition:
          StringEquals:
            "dynamodb:LeadingKeys": "userId"

  secondFunction:
    handler: handler.secondFunction
    iamRoleStatements:
      - Effect: Allow
        Action:
          - dynamoDB:UpdateItem
        Resource: arn:aws:dynamodb:us-east-1:123456789012:table/my-table
        Condition:
          ForAllValues:StringNotLike:
            "dynamodb:Attributes":
              - "FreeGamesAvailable"
              - "BossLevelUnlocked"

  anotherFunction:
    handler: handler.anotherFunction
    iamRoleStatements:
      - Effect: Allow
        Action:
          - s3:GetObject
        Resource: arn:aws:s3:::my-bucket/*
        Condition:
          IpAddress:
            "aws:SourceIp": "203.0.113.0/24"
```
If this isn't supported currently by the package, what are my options?
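The three `Condition` blocks from the configuration above, evaluated against constructed request contexts to show what each one admits and rejects. This is an added example, not code from the issue or from the plugin; `conditions`, `conditionAllows` and the helpers are hypothetical names, and the evaluator is a simplified model of these three IAM operators (IPv4 only), not the AWS policy engine.

```javascript
// Added example: simplified model of the three condition operators used above.
// Not the AWS policy engine; IPv4 only. Request contexts are constructed.
const conditions = {
  myFunction: { StringEquals: { "dynamodb:LeadingKeys": "userId" } },
  secondFunction: {
    "ForAllValues:StringNotLike": {
      "dynamodb:Attributes": ["FreeGamesAvailable", "BossLevelUnlocked"],
    },
  },
  anotherFunction: { IpAddress: { "aws:SourceIp": "203.0.113.0/24" } },
};

const toList = (v) => (Array.isArray(v) ? v : [v]);

// IAM "Like" patterns: * matches any run of characters, ? exactly one.
function like(pattern, value) {
  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&");
  const body = escaped.replace(/\*/g, ".*").replace(/\?/g, ".");
  return new RegExp(`^${body}$`).test(value);
}

// Dotted IPv4 address to an unsigned 32-bit number.
const ipToInt = (ip) => ip.split(".").reduce((n, o) => n * 256 + Number(o), 0);

function inCidr(cidr, ip) {
  const [base, bits] = cidr.split("/");
  const size = 2 ** (32 - Number(bits));
  return Math.floor(ipToInt(ip) / size) === Math.floor(ipToInt(base) / size);
}

const operators = {
  // Single-valued operators fail when the key is missing from the request.
  StringEquals: (allowed, ctx) => ctx !== undefined && allowed.includes(ctx),
  IpAddress: (cidrs, ctx) => ctx !== undefined && cidrs.some((c) => inCidr(c, ctx)),
  // ForAllValues passes when the key is missing or empty, and otherwise
  // requires every requested value to match none of the listed patterns.
  "ForAllValues:StringNotLike": (patterns, ctx) =>
    toList(ctx ?? []).every((v) => !patterns.some((p) => like(p, v))),
};

// True when every operator/key pair in the function's Condition is satisfied.
function conditionAllows(fnName, context) {
  return Object.entries(conditions[fnName]).every(([op, keys]) =>
    Object.entries(keys).every(([key, vals]) =>
      operators[op](toList(vals), context[key])));
}
```

In this model the `StringEquals` block matches only the literal value `userId`, and the `ForAllValues` block is satisfied when the request carries no `dynamodb:Attributes` at all, which are the two cases worth checking before relying on these statements.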