The role defined for the function cannot be assumed by Lambda

后端未结

关注

 11  1250

野性不改 2021-02-04 23:29

I\'m getting the error \"The role defined for the function cannot be assumed by Lambda\" when I\'m trying to create a lambda function with create-function command.

11条回答

被撕碎了的回忆 (楼主)

2021-02-05 00:20

I am just learning to use the AWS CLI and ran into this issue.

I am using a series of PowerShell scripts to deploy an entire AWS architecture. My createRole.ps1 script contains:

aws iam create-role `
--role-name $roleName `
--assume-role-policy-document file://myRoleTrustPolicy.json

The file myRoleTrustPolicy.json contains:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "elasticmapreduce.amazonaws.com",
          "datapipeline.amazonaws.com",
          "lambda.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

It is the "lambda.amazonaws.com" line that was missing from Service list that was causing the issue.

Once I fixed that, the invocation of aws lambda create-function worked great.

aws lambda create-function `
--function-name $fn `
--runtime java8 `
--role $currentRoleARN `
--handler "handleRequest" `
--memory-size 128 `
--zip-file $jarFile

0 讨论(0)

查看其它11个回答