Hi there,
I am using the AWS Lambda block and I am getting an Access Denied Exception.
I have added a set of policies to the AWS user but they don’t seem to allow the execution.
I have googled online and I couldn’t find a simple config policy that I can just use.
Anybody has any experience to share?
Cheers.
Here is an example of a policy that would allow execution of a specific function:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "lambda:InvokeFunction",
"Resource": "arn:aws:lambda:us-east-1:071006855025:function:dylansFunction"
}
]
}
Where …
us-east-1
should be replaced with your AWS region071006855025
should be replaced with your account IDdylansFunction
should be replaced with your function name
There are other policies you could attach that are more open, though following the principle of least permissions, I would recommend limiting the policy’s scope as much as possible.
For example, this policy would allow you to invoke any of your Lambda functions across any of your AWS regions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:InvokeFunction"
],
"Resource": [
"*"
]
}
]
}