- Newest
- Most votes
- Most comments
Hi,
Based on your template, it seems you are trying to add resource policy to lambda function. You should be doing something like this:
rLambdaInvokePermission:
Type: 'AWS::Lambda::Permission'
Properties:
FunctionName: <lambda_function_name>
Action: 'lambda:InvokeFunction'
Principal: apigateway.amazonaws.com
SourceArn: <APIARN>
Identity based policy document shouldn't contain principal. Resource based policy should have principal in it but identity based policy would error out if principal would be mentioned. You are trying to create resource based policy but formatted in identity based format.
Take look at AWS Resource Lambda Permissions.
Refer IAM Access Policies for more example/syntax for IAM policies. Also, take a look at this re:Post Knowledge Center Article, which exactly talks about this.
Hope it helps.
Comment here if you have additional questions, happy to help.
Abhishek
@nafiu, It seems like you are trying to add lambda invoke permission for your your API, I just added template snippet. Please take a look and let me know if you have any questions.
Thank you so much
Keep it as separate resource. This block would not go inside any role.
Relevant content
- asked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
Can you edit your template and add snippet from starting please here. It seems like resources and parameters sections are missing, this would help us to find the issue overall.