AWS Lambda:The provided execution role does not have permissions to call DescribeNetworkInterfaces on EC2

Question 1

AWS Lambda:The provided execution role does not have permissions to call DescribeNetworkInterfaces on EC2

amazon-web-services aws-lambda amazon-iam policy role

fisheep · Dec 16, 2016 · Viewed 28.3k times · Source

Answer

Answer

This error is common if you try to deploy a Lambda in a VPC without giving it the required network interface related permissions ec2:DescribeNetworkInterfaces, ec2:CreateNetworkInterface, and ec2:DeleteNetworkInterface (see AWS Forum).

For example, this a policy that allows to deploy a Lambda into a VPC:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeNetworkInterfaces",
        "ec2:CreateNetworkInterface",
        "ec2:DeleteNetworkInterface",
        "ec2:DescribeInstances",
        "ec2:AttachNetworkInterface"
      ],
      "Resource": "*"
    }
  ]
}

Question 2

Today I have a new AWS Lambda question, and can't find anywhere in Google.

I new a Lambda function, there is no question. But when I input any code in this function[eg. console.log();] and click "Save", error is occured: "The provided execution role does not have permissions to call DescribeNetworkInterfaces on EC2"

exports.handler = (event, context, callback) => {
    callback(null, 'Hello from Lambda');
    console.log();  // here is my code   
};

I bound the function with Role: lambda_excute_execution(Policy:AmazonElasticTranscoderFullAccess) And this function is not bound with any triggers now.

And then, I give the role "AdministratorAccess" Policy, I can save my source code correctly.

This role can run Functions successfully before today.

Is anyone know this error?

Thanks Very much!

AWS Lambda:The provided execution role does not have permissions to call DescribeNetworkInterfaces on EC2

Answer

Related questions