When you create a function, by default Lambda will automatically create an IAM execution role for the function. To do that, your IAM user will require the
iam:CreateRole permission, which it looks like it doesn't currently. To do this, they could create a new policy that includes that permission and attach it to your IAM user. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_delegate-permissions_examples.html
It's important to bear in mind when granting permissions to IAM that some of these could allow a user with restricted permissions to escalate their privileges - for example, by allowing them to add additional permissions to their IAM user, or by creating and assuming a more privileged role.
Alternatively, if an appropriate Lambda service role already exists in the account, or could be created by another user, you can expand the Change default execution role section and select it, instead of creating a new role.
Invoking a lambda function from core deviceasked 2 years ago
How do I configure an Amazon MQ instance that's in a VPC to invoke a Lambda function?Accepted Answerasked 2 years ago
Easiest way to replicate a lambda?asked 5 months ago
Is there a way to recover the deleted lambda function?asked a month ago
is it possible that SQS Triggers to a Lambda Function Alias?Accepted Answerasked 6 months ago
How to export environment variables from a Lambda function.asked 4 months ago
How to create a lambda layer for a CodeStar project?asked 4 years ago
Can't create a Lambda Functionasked 4 months ago
How do I link my Amazon Connect instance to a Lambda function outside the contact flow with automationasked 2 months ago
'create function' lambda permission issueasked a month ago