Your Policy for the lambda should set up everything your lambda is allowed to do. This includes passing a role.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1470153553000",
"Effect": "Allow",
"Action": [
"dynamodb:*"
],
"Resource": [
"arn:aws:dynamodb:us-west-2:439753510372:table/YoYoDyne_Products"
]
},
{
"Effect": "Allow",
"Action": [
"lambda:InvokeFunction"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:logs:*:*:*"
]
},
{
"Sid": "Stmt1449789105000",
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": [
"*"
]
}
]
}
Your policy also needs to have a trust relationship.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": ["lambda.amazonaws.com", "apigateway.amazonaws.com"]
},
"Action": "sts:AssumeRole"
}
]
}
3 comments:
Thank you for your guide to with upgrade information about AWS keep update at
AWS Online Course
Good Post! it was so good to read and useful to improve my knowledge as an updated one, keep blogging. After seeing your article I want to say that also a well-written article with some very good information which is very useful for the readers....thanks for sharing it and do share more posts like this.
Digital Marketing Training in Chennai
Digital Marketing Course in Chennai
Post a Comment