Skip to content

Add IAM to list of AWS permissions

Nathan Friend requested to merge docs-nfriend-add-iam-role into master

What does this MR do?

Adds IAM to the list of permissions required by the IAM user for serverless deployments of an AWS Lambda function.

I tried deploying a Lambda function using only the three permissions listed (AWS Lambda, API Gateway, and CloudFormation), but my job failed with:

An error occurred: IamRoleLambdaExecution - API: iam:CreateRole User: arn:aws:iam::641962070086:user/SnowDayNotifier is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::641962070086:role/gitlab-example-production-us-east-1-lambdaRole.

Here's the complete job log: https://gitlab.com/nfriend/snow-day-notifier/-/jobs/352540964

After adding IAMFullAccess, the deployment succeeded.

Merge request reports

Loading