1 Answer
- Newest
- Most votes
- Most comments
1
Hello.
If you create the following policy and attach it to the IAM user, the operations described in the following document will be possible.
IAM-related operations allow creating IAM roles, attaching policies, and attaching IAM roles.
Operations related to Lambda allow Lambda creation, configuration update, list display, details display, and deletion.
https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-awscli.html
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Effect": "Allow",
"Action": [
"iam:CreateRole",
"iam:AttachRolePolicy",
"iam:PassRole",
"lambda:CreateFunction",
"lambda:update*",
"lambda:ListFunctions",
"lambda:GetFunction",
"lambda:DeleteFunction"
],
"Resource": [
"*"
]
}
]
}
Relevant content
- asked 2 years ago
- asked 9 months ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
Can I restrict the resource part further to only allow access to specific AWS resources, because I think a minimal ressource permission for a lambda function are S3 buckets?