By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Got error when create new Scheduler with EventBridge: "The execution role you provide must allow AWS EventBridge Scheduler to assume the role"

0

Hi all, I am trying to create a new scheduler following this article https://docs.aws.amazon.com/eventbridge/index.html But I face the error when confirming at the final step: "The execution role you provide must allow AWS EventBridge Scheduler to assume the role" Do you have any idea how to fix the missing permission?

The execution role you provide must allow AWS EventBridge Scheduler to assume the role

Topics
ServerlessApplication Integration
Tags
Amazon EventBridge
Language
English
rePost-User-GKIM
asked a year ago2485 views
4 Answers
0

Hi there, yes I already added trusted entities like this, but still got the error when creating the scheduler. added trusted entities

rePost-User-GKIM
answered a year ago
  • Riku_Kobayashi EXPERT
    a year ago

    Can I set it up by changing aws:SourceArn as follows?

    arn:aws:scheduler:ap-southeast-1:xxxxxx:schedule/xxxx_ScheduleGroup*
  • rePost-User-GKIM
    a year ago

    Hi there, tried update aws:SourceAccount as your suggested, but still got the error "The execution role you provide must allow AWS EventBridge Scheduler to assume the role."

  • Riku_Kobayashi EXPERT
    a year ago

    Is the "condition" part absolutely necessary? If it is not needed, it can be deleted.

0

An execution role is an IAM role that EventBridge Scheduler assumes in order to interact with other AWS services on your behalf. You attach permission policies to this role to grant EventBridge Scheduler access to invoke targets.

Please see a reference example for the same : https://docs.aws.amazon.com/scheduler/latest/UserGuide/setting-up.html

profile pictureAWS
EXPERT
AWS-User-Nitin
answered a year ago
  • rePost-User-GKIM
    a year ago

    Yes, followed the doc for both "Create new role" or "Use existing role" but still stuck with the error "The execution role you provide must allow AWS EventBridge Scheduler to assume the role."

0

This can occur when there is no "sts:AssumeRole" in "scheduler.amazonaws.com" in the trusted entity of the execution role that was set when creating the EventBridge Scheduler.
Check to see if the following entities are set up.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "scheduler.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}
profile picture
EXPERT
Riku_Kobayashi
answered a year ago
0

I gave up and switched to Google Cloud Scheduler https://firebase.google.com/docs/functions/schedule-functions, everything working fine now. Thanks all!

rePost-User-GKIM
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content