Cannot create or delete Lambda functions, or attach S3 triggers even with root account

Hello community,

I’ve been facing a critical issue in my AWS account (standalone, not under an AWS Organization). For several days now, I’ve been unable to create new Lambda functions, delete existing ones, or associate S3 triggers. I’ve tried everything I could think of, with no luck:

What I’ve already verified / tried: I’m using the root account (arn:aws:iam::[my-account-id]:root, verified via aws sts get-caller-identity). I can create/delete S3 buckets and objects without any issues. The IAM role AWSServiceRoleForLambda is missing, and when I attempt to create it via: aws iam create-service-linked-role --aws-service-name lambda.amazonaws.com It returns the error: An error occurred (AccessDenied) when calling the CreateServiceLinkedRole operation: Cannot find Service Linked Role template for lambda.amazonaws.com I’ve tried this across multiple activated regions (us-west-1, us-east-1, sa-east-1, etc.). I created a new IAM user with AdministratorAccess permissions and configured its credentials correctly in the CLI — same issue occurs. In the AWS Console, when accessing Lambda, I get: “Access denied. You don’t have permission to perform this action. UnknownError” (screenshot attached). Checked AWS Organizations — I am NOT part of any organization, and no SCPs are applied. STS is enabled for all the necessary regions.

My suspicion It seems like the account is internally blocked from creating the required service-linked role for Lambda. Without this role, Lambda cannot perform any operations. My question What could be blocking Lambda from functioning, even under the root account? Is there a deeper setting or account-level issue preventing Lambda from creating its required service-linked role? And is there any way to fix this if I don’t have access to paid AWS Support?

Any guidance or similar experience would be greatly appreciated 🙏 Thanks in advance!