I'm trying to create new Nodejs based lambda but looks like I haven't got appropriate permissions. Unfortunately both me and a root user are not so familiar with AWS.
For first I've got this error message:
User: arn:aws:sts ... is not authorized to perform: cloudformation:DescribeStacks because no identity-based policy allows the cloudformation:DescribeStacks action but i'm able to start creating
After all I've got this one:
Error creating application: User: ... is not authorized to perform: serverlessrepo:GetApplication on resource: arn:aws:serverlessrepo:us-east-1:xxx:applications/CICD-toolchain-for-serverless-applications
Was trying to create CI/CD app. The main purpose is to migrate from Heroku to AWS.
CodePudding user response:
In order for you to be able to "see" stack properties, your root user or anybody having "enough power" (e.g., anyone with an Administrator
role) has to grant you that permission. Take a look at this page: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html
CodePudding user response:
You should create an IAM Role with sufficient permissions to perform the operations desired. This will depend upon what AWS API calls the function is making.
Then, associate the IAM Role with the AWS Lambda function.
See: Lambda permissions - AWS Lambda
You should also associated the AWSLambdaBasicExecutionRole
policy to the IAM Role so that the Lambda function can send log information to CloudWatch Logs. See: Lambda execution role - AWS Lambda