Parameters:
  App:
    Type: String
    Description: Your application's name.
  Env:
    Type: String
    Description: The environment name for the service.
  Name:
    Type: String
    Description: The name of the service.

Resources:
  # https://docs.aws.amazon.com/chime-sdk/latest/dg/iam-users-roles.html
  AmazonChimeSdkPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          - Sid: AmazonChimeSdkActions
            Effect: Allow
            Action:
              - chime:CreateMeeting
              - chime:CreateMeetingWithAttendees
              - chime:DeleteMeeting
              - chime:GetMeeting
              - chime:ListMeetings
              - chime:CreateAttendee
              - chime:BatchCreateAttendee
              - chime:DeleteAttendee
              - chime:GetAttendee
              - chime:ListAttendees
              - chime:ListAttendeeTags
              - chime:ListMeetingTags
              - chime:ListTagsForResource
              - chime:TagAttendee
              - chime:TagMeeting
              - chime:TagResource
              - chime:UntagAttendee
              - chime:UntagMeeting
              - chime:UntagResource
              - chime:StartMeetingTranscription
              - chime:StopMeetingTranscription
            Resource: "*"

Outputs:
  AmazonChimeSdkPolicyArn:
    Description: "The ARN of the ManagedPolicy to attatch to the task role."
    Value: !Ref AmazonChimeSdkPolicy