I always got "Unkown Error" when I open "Lambda" menu.

Question

Hi guys, 
When I had login as "IAM" root account. and open "Lambda" menu, I always got "Unknown Error" message. 
- and when I tried make new Lambda function => I can't make it.
- and When I see the function list on Visual studio AWS explorer, it shows up "Access denied exception".
- and When I tried deploy my old code to "Lambda", It had failed with "Access denied exception"

How to fix my problem?

Answer

The "root" user of an account can be restricted using [Service control policies (SCPs)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html), in AWS Organizations. The error you describe implies that there might be an SCP in place.

You can verify the presence of an SCP by navigating to AWS Organizations, and then check the "Policies" on the OU where the account is located. Note that SCPs might also be created by [AWS Control Tower](https://docs.aws.amazon.com/controltower/latest/userguide/what-is-control-tower.html) (if you use it), so please be careful changing existing SCP.

Please also note that there is a total of [~10 actions](https://docs.aws.amazon.com/IAM/latest/UserGuide/root-user-tasks.html) which really require root user permissions. Following least privilege, I therefore recommend not using this user unless you need to execute one of those actions, and use (preferably) [IAM Identity Center](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) access or (if needed) IAM users instead.

I always got "Unkown Error" when I open "Lambda" menu.

関連するコンテンツ