LoginSignup
10
5

More than 3 years have passed since last update.

@kapibara-3(カピバラ さん)

AWSのSAMテンプレートでLambdaをVPC内に入れるときに付ける権限。

Last updated at Posted at 2020-01-29

CodeStar実行時に、CloudFormationで、Lambdaの権限が足りなくて、以下のようなエラーが出力される場合:

The provided execution role does not have permissions to call CreateNetworkInterface on EC2 (Service: AWSLambdaInternal; Status Code: 400; Error Code: InvalidParameterValueException; Request ID:xxxxxxxxxxxxxxxxxx)

EC2のエラーとか表示されるので紛らわしい。実際はEC2ではなくVPCの権限。
templete.yamlに以下の行を追記すれば、動く。

  LambdaExecutionRole:
    Description: Creating service role in IAM for AWS Lambda
    Type: AWS::IAM::Role
    Properties:
      ...略
      ManagedPolicyArns:
        - !Sub 'arn:aws:iam::aws:policy/AmazonVPCFullAccess' ⬅︎ これを追記すればとりあえず動く
10
5
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
10
5