Reputation: 710
How to attach policy to a role while creating an AWS lambda function in nodejs in AWS CLI? Facing error while attaching role
I am creating a nodejs application and deploying it as a lambda function on AWS. I am following the link: http://docs.aws.amazon.com/lambda/latest/dg/with-on-demand-https-example-create-iam-role.html
I am now stuck at step 2.2-2.3. Step 2.2 has the json with the policy that needs to be attached to the role. When I use the below command (step 2.3) to create the lambda function:
ws lambda create-function --region us-east-1 --function-name LambdaFunctionOverHttps --zip-file fileb://LambdaFunctionOverHttps.zip --role execution-role-arn --handler LambdaFunctionOverHttps.handler --runtime nodejs4.3
Then I get the below error:-
An error occurred (ValidationException) when calling the CreateFunction operation: 1 validation error detected: Value 'execution-role-arn' at 'role' failed to satisfy constraint: Member must satisfy regular expression pattern: arn:aws:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@-_/]+
I even created the file "execution-role-arn" which had the json from Step 2.2. How can I resolve this error and create the lambda function?
Upvotes: 3
Views: 1316
Answers (2)
Reputation: 2286
I faced the same error, turns out you have to specify the Role ARN, not the Role name. So instead of --role roleName , put --role arn:aws:iam::1234567891:role/service-role/roleName . You can find you role ARN by clicking on the role name in Roles tab, and then at the top you'll find the role ARN.
AWS really needs to fix their documentation for almost all of their services.
Upvotes: 3
Reputation: 710
Update: The role needs to be replaced with the actual arn role name for the lambda function instead of a separate file. This can be found on the role you just created in step 2.2. So, the proper way to do this is as follows:
aws lambda create-function --region us-east-1 --function-name LambdaFunctionOverHttps
--zip-file fileb://LambdaFunctionOverHttps.zip --role arn:aws:iam::9999999999999:role/lambda-gateway-execution-role --handler LambdaFunctionOverHttps.handler --runtime nodejs4.3
This worked out fine and the lambda function got created. Note that I had pointed the default profile to admin with the aws config command.
Upvotes: 0
Related Questions
- How do I create a role with AWS managed policy using aws-cli?
- Can't create a Lambda function with a custom role HR which having AWSLambdaFullAccess policy
- Variable in AWS IAM role to grant permissions to Lambda function
- AWS Lambda Create Function Role Error
- How to make a role assumable by given lambda function?
- Lambda Policy Permissions: How to set Function Policy for lambda functions from AWS console?
- Policy to allow lambda:InvokeFunction to an IAM Assumed Role
- The proper AWS managed policy to attach an IAM Role to execute Lambda Functions
- IAM Roles Assume Role Permission
- InvalidParameterValueException: The role defined for the function cannot be assumed by Lambda