How to attach an EXISTING Role in my AWS account to AWS component/Lambda Function using CLOUDFORMATION
Hi AWS CloudFormation guys!
I need to attach an existing role to the Lambda function I am creating.
```yaml
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::Serverless-2016-10-31
Parameters:
  LambdaRoleName:
    Default: ExistingRoleCreatedInAwsAccount
    Type: String
Resources:
  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      Runtime: python3.9
      Timeout: 5
      Handler: lambda_function.handler
      Role: !Ref ExistingRoleCreatedInAwsAccount
      Code:
        S3Bucket: 'lambda-bucket-abi'
        S3Key: 'lambdaupload.zip'
  ScheduledRule:
    Type: AWS::Events::Rule
    Properties:
      Description: "ScheduledRule"
      ScheduleExpression: "rate(5 minutes)"
      State: "ENABLED"
      Targets:
        - Arn:
            Fn::GetAtt:
              - "LambdaFunction"
              - "Arn"
          Id: "TargetFunctionV1"
  PermissionForEventsToInvokeLambda:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName: !Ref "LambdaFunction"
      Action: "lambda:InvokeFunction"
      Principal: "events.amazonaws.com"
      SourceArn:
        Fn::GetAtt:
          - "ScheduledRule"
          - "Arn"
```
Thanks in Advance!
Solution 1:[1]
You seem to be on the right track, what's going wrong?
Your parameter is called 'LambdaRoleName'. Please be aware that it should be the role's ARN that you pass.
So when you deploy the stack, pass the role ARN to the parameter:
```bash
aws cloudformation deploy --template-file your-template.yaml --stack-name your-stack-name --parameter-overrides LambdaRoleName=arn:aws:iam::123456789012:role/your-role --region eu-west-1
```
or change the default value to the role ARN:
```yaml
Parameters:
  LambdaRoleName:
    Default: arn:aws:iam::123456789012:role/your-role
    Type: String
```
Solution 2:[2]
It should be:
```yaml
Role: !Ref LambdaRoleName
```
rather than
```yaml
Role: !Ref ExistingRoleCreatedInAwsAccount
```
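Both answers combined into one template fragment, as an added example that is not part of the original posts: the parameter carries the role ARN and `Role` references the parameter by its logical name. The `AllowedPattern` constraint and the commented `!Sub` alternative are additions assumed here; the account ID and role name are the placeholder values from Solution 1.

```yaml
AWSTemplateFormatVersion: 2010-09-09
Parameters:
  LambdaRoleName:
    Type: String
    # Despite the name, this must hold the full role ARN (placeholder from Solution 1).
    Default: arn:aws:iam::123456789012:role/your-role
    # Added assumption: reject anything that is not an IAM role ARN, so a bare
    # role name fails parameter validation instead of failing function creation.
    AllowedPattern: '^arn:aws[a-z-]*:iam::\d{12}:role/[\w+=,.@/-]+$'
    ConstraintDescription: Must be a full IAM role ARN, not a role name.
Resources:
  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      Runtime: python3.9
      Timeout: 5
      Handler: lambda_function.handler
      # !Ref takes the parameter's logical name, not its default value.
      # The principal deploying the stack needs iam:PassRole on this role.
      Role: !Ref LambdaRoleName
      # Alternative if the parameter carries only the role name:
      # Role: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${LambdaRoleName}
      Code:
        S3Bucket: 'lambda-bucket-abi'
        S3Key: 'lambdaupload.zip'
```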
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Bruno Schaatsbergen |
| Solution 2 | Marcin |
