yishafang
commented
6 years ago Do you grant your IAM user the "iam:PassRole" permission?
Open icbdbmtbqinoot opened 6 years ago
yishafang
commented
6 years ago Do you grant your IAM user the "iam:PassRole" permission?
icbdbmtbqinoot
commented
6 years ago Yes, I granted "iam:PassRole" permission. it has the same error, even when I granted every AWS permission.
Hi, I am using cognito federated identity ID unauthorized version to set AWS credentials. I already granted all the permissions for Cognito_myPoolNameUnauth_Role. And it seems like other services like putting object in s3 bucket or creating dynamoDB table have no problem. Everything works well except for creating lambda function code. I get the same error again and again even after role is set properly for lambda.
Is this cognito identity credentials problem or iam problem? I don't understand why iam role will have authorization error of iam:passrole with all the permissions given. Please help me find solution. Thank you!
error : AccessDeniedException: User: arn:aws:sts:::assumed-role/Cognito_myPoolNameUnauth_Role/CognitoIdentityCredentials is not authorized to perform: iam:PassRole on resource: arn:aws:iam::*****:role/lambda_basic_execution