Ishwar Chincholkar

Reputation: 666

AWS boto3 User: arn:aws:iam::xxxx:root is not authorized to perform: lambda:AddLayerVersionPermission on resource

import json
import boto3
client = boto3.client('lambda')
response = client.add_layer_version_permission(
    LayerName='arn:aws:lambda:us-east-1:xxxx:layer:AWSLambda-Python38-SciPy1x',
    VersionNumber=29,
    StatementId='xaccount',
    Action='lambda:GetLayerVersion',
    Principal='*',
)
print(response)

step1) Set up AWS credentials

step2) Created a new IAM admin user and assigned policies to that user: AdministratorAccess, AWSLambda_FullAccess, AWSLambdaExecute

step3) After running the Python script I am getting an error:

botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the AddLayerVersionPermission operation: User: arn:aws:iam::xxxx:root is not authorized to perform: lambda:AddLayerVersionPermission on resource: arn:aws:lambda:us-east-1:xxxx:layer:AWSLambda-Python38-SciPy1x:29

Upvotes: 0

Views: 761

Answers (1)

Marcin

Reputation: 238249

The layer you are trying to modify:

arn:aws:lambda:us-east-1:xxxx:layer:AWSLambda-Python38-SciPy1

is an AWS managed public layer. It does not belong to you, thus you can't modify its permissions, which explains why you are denied doing this.

Upvotes: 2
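
A pre-flight check for the situation described in this answer, as an added example that is not part of the original question or answer: it compares the account ID embedded in the layer ARN with the caller's account before calling `add_layer_version_permission`. The function names, the account IDs and the layer name `my-layer` are constructed for illustration, and the rule that only the owning account can change a layer's permissions is taken from the answer.

```python
import re

# Lambda layer ARN, with or without a trailing version number.
LAYER_ARN = re.compile(
    r"^arn:(?P<partition>aws[a-z-]*):lambda:(?P<region>[a-z0-9-]+):"
    r"(?P<account>\d{12}):layer:(?P<name>[A-Za-z0-9_-]+)(?::(?P<version>\d+))?$"
)


def parse_layer_arn(arn):
    """Split a layer (version) ARN into partition, region, account, name, version."""
    m = LAYER_ARN.match(arn)
    if m is None:
        raise ValueError(f"not a Lambda layer ARN: {arn!r}")
    return m.groupdict()


def can_manage_layer_policy(layer_arn, caller_account):
    """True only when the layer lives in the caller's own account (per the answer)."""
    return parse_layer_arn(layer_arn)["account"] == caller_account


def add_permission_if_owned(layer_arn, version, statement_id, principal):
    """Call AddLayerVersionPermission only for a layer the caller owns."""
    import boto3  # imported lazily so the checks above run offline

    layer = parse_layer_arn(layer_arn)
    sts = boto3.client("sts", region_name=layer["region"])
    caller = sts.get_caller_identity()["Account"]
    if not can_manage_layer_policy(layer_arn, caller):
        raise PermissionError(
            f"layer is owned by account {layer['account']}, caller is {caller}; "
            "policies attached in the caller's account cannot grant this"
        )
    return boto3.client("lambda", region_name=layer["region"]).add_layer_version_permission(
        LayerName=layer["name"],
        VersionNumber=version,
        StatementId=statement_id,
        Action="lambda:GetLayerVersion",
        Principal=principal,  # '*' shares the version with every AWS account
    )


# Constructed sample ARNs, not taken from the question.
OWN = "arn:aws:lambda:us-east-1:111111111111:layer:my-layer"
FOREIGN = "arn:aws:lambda:us-east-1:222222222222:layer:AWSLambda-Python38-SciPy1x:29"
```
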
