AWSTemplateFormatVersion: '2010-09-09' Parameters: SecurityGroupId: Description: the SG this function should run in to have connectivity to MySQL Type: String SubnetId: Description: the Subnet this function should run in to have connectivity to MySQL Type: String Resources: LambdaRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole Path: / Policies: - PolicyName: CloudwatchLogs PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: - logs:CreateLogGroup Resource: - !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:*" - Effect: Allow Action: - logs:CreateLogStream - logs:PutLogEvents Resource: - !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/*" - Effect: Allow Action: - dynamodb:DescribeTable - dynamodb:GetItem Resource: - !Sub "arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/*" LambdaUDFFunction: Type: "AWS::Lambda::Function" Properties: FunctionName: f-dynamodb-lookup-python-varchar-varchar-varchar Role: !GetAtt 'LambdaRole.Arn' Handler: index.handler Runtime: python3.9 Timeout: 300 Code: ZipFile: | import json import boto3 dynamodb = boto3.resource('dynamodb') def handler(event, context): print("Received event: " + json.dumps(event, indent=2)) ret = dict() try: tableName = event["arguments"][0][0] columnName = event["arguments"][0][1] table = dynamodb.Table(tableName) table.item_count res = [] for argument in event['arguments']: try: columnValue = argument[2] response = table.get_item(Key={columnName: columnValue }) res.append(json.dumps(response["Item"])) except: res.append(None) ret['success'] = True ret['results'] = res except Exception as e: ret['success'] = False ret['error_msg'] = str(e) return json.dumps(ret)