From ef8571a2e5fb87203e53dea2dbae47e69b3f8c4e Mon Sep 17 00:00:00 2001
From: yangaws <31293788+yangaws@users.noreply.github.com>
Date: Thu, 4 Feb 2021 08:20:50 -0800
Subject: [PATCH] Fix incorrect case in policy of CustomResourceRole

The correct permission in IAM policy should start with capitalized letter after semi-colon. Some policies for CustomResourceRole in this template use lower case letter instead. In my test the corresponding action will be denied.
---
 deployment/live-streaming-on-aws.yaml | 36 +++++++++++++--------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/deployment/live-streaming-on-aws.yaml b/deployment/live-streaming-on-aws.yaml
index c00c2e4..d210961 100644
--- a/deployment/live-streaming-on-aws.yaml
+++ b/deployment/live-streaming-on-aws.yaml
@@ -196,28 +196,28 @@ Resources:
               -
                 Effect: Allow
                 Action:
-                  - medialive:createInputSecurityGroup
-                  - medialive:describeInput
-                  - medialive:createInput
-                  - medialive:deleteInput
-                  - medialive:stopChannel
-                  - medialive:createChannel
-                  - medialive:deleteChannel
-                  - medialive:describeInputSecurityGroup
-                  - medialive:deleteInputSecurityGroup
-                  - medialive:describeChannel
-                  - medialive:startChannel
-                  - medialive:tagResource
+                  - medialive:CreateInputSecurityGroup
+                  - medialive:DescribeInput
+                  - medialive:CreateInput
+                  - medialive:DeleteInput
+                  - medialive:StopChannel
+                  - medialive:CreateChannel
+                  - medialive:DeleteChannel
+                  - medialive:DescribeInputSecurityGroup
+                  - medialive:DeleteInputSecurityGroup
+                  - medialive:DescribeChannel
+                  - medialive:StartChannel
+                  - medialive:TagResource
                 Resource:
                     - !Join ["", ["arn:aws:medialive:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":*"]]
               -
                 Effect: Allow
                 Action:
-                  - mediapackage:createChannel
-                  - mediapackage:deleteChannel
-                  - mediapackage:listOriginEndpoints
-                  - mediapackage:deleteOriginEndpoint
-                  - mediapackage:createOriginEndpoint
+                  - mediapackage:CreateChannel
+                  - mediapackage:DeleteChannel
+                  - mediapackage:ListOriginEndpoints
+                  - mediapackage:DeleteOriginEndpoint
+                  - mediapackage:CreateOriginEndpoint
 
                 Resource:
                     - !Join ["", ["arn:aws:mediapackage:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":*"]]
@@ -675,4 +675,4 @@ Outputs:
 
   LogsBucket:
     Description: Logs bucket
-    Value: !Ref LogsBucket
\ No newline at end of file
+    Value: !Ref LogsBucket