Minimum Lambda Permissions For Deployment From Visual Studio - gecko-8/devwiki GitHub Wiki
Deployment needs an execution role and the programmatic user needs certain permissions.
Execution Role
- Create a role with the AWSLambdaBasicExecutionRole policy.
Programmatic User Permissions
This is the minimum policy required for deployment from Visual Studio.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"lambda:CreateFunction",
"lambda:GetFunctionConfiguration",
"lambda:UpdateFunctionCode",
"lambda:ListEventSourceMappings",
"lambda:InvokeFunction"
],
"Resource": [
"arn:aws:lambda:ca-central-1:748209819571:function:*"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "lambda:ListEventSourceMappings",
"Resource": "*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": [
"arn:aws:iam::748209819571:role/LambdaFunctionRole"
]
}
]
}