By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Minimum permissions to deploy a Lambda function

0

Which minimum permission does IAM user need to deploy a Lambda function using the AWS CLI? When selecting "attach policy directly" I get a long list of permissions but what permission do I need?

Topics
ServerlessComputeSecurity, Identity, & Compliance
Tags
AWS LambdaIAM Policies
Language
English
sedo
asked 15 days ago138 views
1 Answer
1

Hello.

If you create the following policy and attach it to the IAM user, the operations described in the following document will be possible.
IAM-related operations allow creating IAM roles, attaching policies, and attaching IAM roles.
Operations related to Lambda allow Lambda creation, configuration update, list display, details display, and deletion.
https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-awscli.html

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Action": [
                "iam:CreateRole",
                "iam:AttachRolePolicy",
                "iam:PassRole",
                "lambda:CreateFunction",
                "lambda:update*",
                "lambda:ListFunctions",
                "lambda:GetFunction",
                "lambda:DeleteFunction"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}
profile picture
EXPERT
Riku_Kobayashi
answered 15 days ago
profile pictureAWS
EXPERT
Didier_Durand
reviewed 15 days ago
  • sedo
    13 days ago

    Can I restrict the resource part further to only allow access to specific AWS resources, because I think a minimal ressource permission for a lambda function are S3 buckets?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content