Dear Team,
I am currently working on the KodeKloud Engineer AWS Level 3 lab, which requires creating a CloudFormation stack. However, I encountered an issue where the provided user lacks the necessary permissions to create roles, resulting in an error.
Could you please review the permissions and resolve this access issue?
AWSTemplateFormatVersion: '2010-09-09'
Description: CloudFormation template to create a Lambda function with an IAM role for the Nautilus DevOps team.
Resources:
# IAM Role for Lambda execution
LambdaExecutionRole:
Type: "AWS::IAM::Role"
Properties:
RoleName: "lambda_execution_role"
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service: "lambda.amazonaws.com"
Action: "sts:AssumeRole"
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/AWSLambda_FullAccess"
# Lambda Function
NautilusLambdaFunction:
Type: "AWS::Lambda::Function"
Properties:
FunctionName: "nautilus-lambda"
Handler: "index.handler"
Role: !GetAtt LambdaExecutionRole.Arn
Runtime: "python3.8"
Code:
ZipFile: |
def handler(event, context):
return {
'statusCode': 200,
'body': 'Welcome to KKE AWS Labs!'
}
Outputs:
LambdaFunctionName:
Description: "Name of the Lambda function"
Value: !Ref NautilusLambdaFunction
LambdaFunctionARN:
Description: "ARN of the Lambda function"
Value: !GetAtt NautilusLambdaFunction.Arn