Added iam:passedtoservice condition key and tested out the change. Fi… (#109)

* Added iam:passedtoservice condition key and tested out the change. Filesystem lambdas are still working.

* Forgot to remove extra string equals

Author: eggoynes

deployment/efs-file-manager.yaml

@@ -78,13 +78,14 @@ Resources:
                   - "arn:aws:elasticfilesystem:*:*:file-system/*"
                   - "arn:aws:elasticfilesystem:*:*:access-point/*"
                   - "arn:aws:elasticfilesystem:*:*:*"
-              # TODO: Add iam:passedtoservice condition key
               - Effect: Allow
                 Action:
                   - "iam:PassRole"
                 Resource:
                   - "arn:aws:iam::*:role/fs-*"
-
+                Condition:
+                  StringEquals:
+                    iam:PassedToService: lambda.amazonaws.com
 
   # File Manager API stack
   EFSFileManagerAPI: