Closed 23ewrdtf closed 4 years ago
I think I figured this out.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:GetFunction",
"lambda:CreateFunction",
"lambda:InvokeFunction",
"lambda:UpdateAlias",
"lambda:CreateAlias",
"lambda:GetFunctionConfiguration",
"lambda:AddPermission",
"lambda:UpdateFunctionCode"
],
"Resource": "arn:aws:lambda:REGION:ACCOUNT_ID:function:*"
},
{
"Effect": "Allow",
"Action": [
"iam:PassRole",
"iam:ListRoles"
],
"Resource": "arn:aws:iam::ACCOUNT_ID:role/ROLE_CREATED_IN_NEXT_POINT"
}
]
}
Create a role and attach above policy and AWSLambdaBasicExecutionRole policy.
Create a new user and attach above policy to it.
This is what worked for me
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:GetFunction",
"lambda:CreateFunction",
"lambda:InvokeFunction",
"lambda:UpdateAlias",
"lambda:CreateAlias",
"lambda:GetFunctionConfiguration",
"lambda:AddPermission",
"lambda:ListEventSourceMappings",
"lambda:UpdateFunctionCode"
],
"Resource": "arn:aws:lambda:REGION:ACCOUNT_ID:function:*"
},
{
"Effect": "Allow",
"Action": [
"iam:PassRole",
"iam:ListRoles"
],
"Resource": "arn:aws:iam::ACCOUNT_ID:role/ROLE_CREATED_IN_TUTORIAL"
}
]
}
What are the exact permissions needed for
npm run deploy
to work? A User with AdministratorAccess has too much access.When I run
npm run deploy
with below permission I get: