Cannot add VPC to my lambda function


Hi,

I've run into a problem where I can't add a VPC to my Lambda function. I followed the steps outlined in this Stack Overflow post (https://stackoverflow.com/questions/41177965/the-provided-execution-role-does-not-have-permissions-to-call-describenetworkint), but I'm still getting the error message "The provided execution role does not have permissions to call CreateNetworkInterface on EC2". Do you have any suggestions on how to resolve this issue?

PS: I've attached three permissions to my IAM user: AmazonEC2ContainerRegistryFullAccess, AWSLambda_FullAccess, AWSLambdaVPCAccessExecutionRole.

Thanks!

1 Answer
Accepted Answer

Hello.

Please set the following IAM policy for the IAM role used by Lambda, not for the IAM user.
https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html#permissions-executionrole-features

AWSLambdaVPCAccessExecutionRole

AWSLambdaVPCAccessExecutionRole grants permissions to manage ENIs within an Amazon VPC and write to CloudWatch Logs.

You can check the IAM role used by Lambda from the Lambda screen.

EXPERT, answered 8 months ago
EXPERT, reviewed 8 days ago
AWS EXPERT, reviewed 8 months ago
AWS EXPERT, reviewed 8 months ago
  • Great, thank you so much
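
The check and fix described in the accepted answer, done with the AWS CLI. This is an added example, not part of the original answer and not AWS's own code. It assumes the standard `aws` partition, credentials that are allowed to call `iam:AttachRolePolicy`, and a placeholder function name supplied by the caller; the function names in the script are made up for this example.

```bash
# Added example: make sure a Lambda function's *execution role* (not the IAM
# user) carries the managed policy that allows ENI management in a VPC.

# Managed policy ARN (assumes the standard "aws" partition).
VPC_POLICY_ARN="arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"

# IAM APIs take the role *name*: the last segment of the role ARN. Roles
# created by the console often sit under a path such as service-role/.
# Rejects anything that is not a role ARN (for example an IAM user ARN).
role_name_from_arn() {
  local arn="$1"
  case "$arn" in
    arn:*:iam::*:role/*) printf '%s\n' "${arn##*/}" ;;
    *) echo "not an IAM role ARN: $arn" >&2; return 1 ;;
  esac
}

# Print the execution role ARN configured on the function.
lambda_execution_role_arn() {
  aws lambda get-function-configuration \
    --function-name "$1" --query 'Role' --output text
}

# Succeed if the managed policy is already attached to the role.
role_has_vpc_policy() {
  aws iam list-attached-role-policies --role-name "$1" \
    --query 'AttachedPolicies[].PolicyArn' --output text \
    | tr '\t' '\n' | grep -qxF "$VPC_POLICY_ARN"
}

# Look up the function's role and attach the policy only if it is missing.
ensure_vpc_access() {
  local fn="$1" arn role
  arn="$(lambda_execution_role_arn "$fn")" || return 1
  role="$(role_name_from_arn "$arn")" || return 1
  if role_has_vpc_policy "$role"; then
    echo "$role already has AWSLambdaVPCAccessExecutionRole"
  else
    aws iam attach-role-policy --role-name "$role" --policy-arn "$VPC_POLICY_ARN"
    echo "attached AWSLambdaVPCAccessExecutionRole to $role"
  fi
}

# Usage (my-function is a placeholder): ensure_vpc_access my-function
```

The policy is broader than a single action, so on a shared role review what else is attached before adding it.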
