Menu
I'm creating a Lambda function in AWS with an execution role that allows access to Step functions, Cloudwatch, SES and SNS. This is what the role looks like:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
},
{
"Action": [
"ses:*",
"states:*",
"sns:*"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
I would expect to see something like this:
But instead I see non of the permissions show up.
In IAM I also see a problem pop up: "This policy defines some actions, resources, or conditions that do not provide permissions. To grant access, policies must have an action that has an applicable resource or condition." Perhaps this has to do with it?
793
Lambda still has this information, but moved this to 'Permissions' section. You can see all the permissions by Action or by resource.
88
Due to the recent addition of "destinations" within Lambda, as far as I can tell, Lambda no longer displays services that Lambda has access to. The best way to make sure you have permissions to access these resources, would be use a site such as this to generate the IAM permissions, and in then access the Role linked used by your Lambda function, found under "Execution role" in the console.
37
answered Dec 06 '25 15:12
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
