Justin Plock

Created https://github.com/awslabs/serverless-application-model/pull/1567 for this change.

I’ve been trying to create log groups in my CF templates and following the policy information in https://typicalrunt.me/2019/09/20/enforcing-least-privilege-when-logging-lambda-functions-to-cloudwatch/ but yea, don’t grant the lambda execution role “logs:CreateLogGroup”

I have `AWS_CA_BUNDLE` set and SAM seems to be ignoring it as I also get the CERTIFICATE_VERIFY_FAILED error unfortunately. Allowing a `--no-verify-ssl` option would be ideal.

I’m not sure how I can use SAM while on my VPN at work at the moment without a workaround.

@jfuss would you accept a pull request allowing specifying a --no-verify-ssl parameter which would translate into adding `verify=False` in the boto3 clients?

@jfuss I tried setting `ca_bundle` in my `.aws/config` as well, but unfortunately that didn't work either. We use IronPort devices at work which are MITM'ing all SSL traffic and we've...

Yay! Thank you!

I've forked this repo to https://github.com/smoketurner/dropwizard-swagger and plan to publish it to maven central under the "com.smoketurner" groupId if anyone is interested.

I submitted a PR to upgrade to Dropwizard 0.8.2 https://github.com/federecio/dropwizard-swagger/pull/63

Is the target group showing as healthy?