We are using Serverless framework for our deployments.
We want to first create a IAM role.
This IAM role will be used in another AWS resource creation.
How we can ensure, the Lambda role is created before using it in another resource creation?
Here is the snippet of the serverless.yml file
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
AWS: arn:aws:iam::${self:custom.accountId}:role/lambdaRole1
Service:
- lambda.amazonaws.com
Action: sts:AssumeRole
This lambdaRol1 needs to created before creating this new resource ( it's another IAM role)
We tried using DependsOn, but got an error unsupported property.
What are the possible options?
- Is there anything similar to DependsOn in serverless framework.
- Can this be handled using nested stacks?
One way to deal with these dependency issues in CloudFormation is to simply use the full ARN in the dependent resource, rather than using a reference to the original resource (from which the ARN would be auto-inferred). This works when you dictate the ARN of the original resource (e.g. for S3 buckets, IAM roles) but doesn't work when the resource ARN has some auto-generated component, such as CloudFront distributions.
I'm assuming, but do not know for sure, that this will also work for Serverless.