# "Kitchen Sink" test containing all supported policy templates. The idea is to know every one of them is
# transformable and fail on any changes in the policy template definition without updating the test
# Since this not about testing the transformation logic, we will keep the policy template parameter values as literal
# string

Resources:
  KitchenSinkFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: s3://sam-demo-bucket/hello.zip
      Handler: hello.handler
      Runtime: python2.7
      Policies:

      - SQSPollerPolicy:
          QueueName: name

      - LambdaInvokePolicy:
          FunctionName: name

      - CloudWatchDescribeAlarmHistoryPolicy: {}

      - CloudWatchPutMetricPolicy: {}

      - EC2DescribePolicy: {}

      - DynamoDBCrudPolicy:
          TableName: name

      - DynamoDBReadPolicy:
          TableName: name

      - SESSendBouncePolicy:
          IdentityName: name

      - ElasticsearchHttpPostPolicy:
          DomainName: name

      - S3ReadPolicy:
          BucketName: name

      - S3CrudPolicy:
          BucketName: name

      - AMIDescribePolicy: {}

      - CloudFormationDescribeStacksPolicy: {}

      - RekognitionNoDataAccessPolicy:
          CollectionId: id

      - RekognitionReadPolicy:
          CollectionId: id

      - RekognitionWriteOnlyAccessPolicy:
          CollectionId: id

      - SQSSendMessagePolicy:
          QueueName: name

      - SNSPublishMessagePolicy:
          TopicName: name

      - VPCAccessPolicy: {}

      - DynamoDBStreamReadPolicy:
          TableName: name
          StreamName: name

      - KinesisStreamReadPolicy:
          StreamName: name

      - SESCrudPolicy:
          IdentityName: name

      - SNSCrudPolicy:
          TopicName: name

      - KinesisCrudPolicy:
          StreamName: name

      - KMSDecryptPolicy:
          KeyId: keyId

      - PollyFullAccessPolicy:
          LexiconName: name

      - S3FullAccessPolicy:
          BucketName: name

      - CodePipelineLambdaExecutionPolicy: {}

      - ServerlessRepoReadWriteAccessPolicy: {}

      - EC2CopyImagePolicy:
          ImageId: id

      - CodePipelineReadOnlyPolicy:
          PipelineName: pipeline

      - CloudWatchDashboardPolicy: {}

      - RekognitionFacesPolicy: {}

      - RekognitionLabelsPolicy: {}

      - DynamoDBBackupFullAccessPolicy:
          TableName: table

      - DynamoDBRestoreFromBackupPolicy:
          TableName: table

      - ComprehendBasicAccessPolicy: {}

      - AWSSecretsManagerRotationPolicy:
          FunctionName: function

      - MobileAnalyticsWriteOnlyAccessPolicy: {}

      - PinpointEndpointAccessPolicy:
          PinpointApplicationId: id

      - RekognitionDetectOnlyPolicy: {}

      - RekognitionFacesManagementPolicy:
          CollectionId: collection

      - EKSDescribePolicy: {}

      - CostExplorerReadOnlyPolicy: {}

      - OrganizationsListAccountsPolicy: {}

      - DynamoDBReconfigurePolicy:
          TableName: name

      - SESBulkTemplatedCrudPolicy:
          IdentityName: name

      - SESEmailTemplateCrudPolicy: {}

      - FilterLogEventsPolicy:
          LogGroupName: name

      - SSMParameterReadPolicy:
          ParameterName: name

      - StepFunctionsExecutionPolicy:
          StateMachineName: name

      - CodeCommitCrudPolicy:
          RepositoryName: name

      - CodeCommitReadPolicy:
          RepositoryName: name

      - KMSEncryptPolicy:
          KeyId: keyId

      - AthenaQueryPolicy:
          WorkGroupName: name

      - S3WritePolicy:
          BucketName: name

      - DynamoDBWritePolicy:
          TableName: name

      - EventBridgePutEventsPolicy:
          EventBusName: name

      - AcmGetCertificatePolicy:
          CertificateArn: arn

      - Route53ChangeResourceRecordSetsPolicy:
          HostedZoneId: test

      - SSMParameterWithSlashPrefixReadPolicy:
          ParameterName: /name

      - StepFunctionsExecutionPolicy_v2:
          StateMachineName: name

      - SESBulkTemplatedCrudPolicy_v2:
          IdentityName: name
          TemplateName: template_name