Search code examples
pythonamazon-web-servicesbotoaws-sdkaws-lambda

The role defined for the function cannot be assumed by Lambda

I'm getting the error "The role defined for the function cannot be assumed by Lambda" when I'm trying to create a lambda function with create-function command.

aws lambda create-function
--region us-west-2
--function-name HelloPython
--zip-file fileb://hello_python.zip
--role arn:aws:iam::my-acc-account-id:role/default
--handler hello_python.my_handler
--runtime python2.7
--timeout 15
--memory-size 512

Solution

  • I got the error "The role defined for the function cannot be assumed by Lambda" because i had not updated the roles "Trust Relationship" config file. I didn't encounter the timeout issues as in the linked answer in the comments.

    The comments in the above answers pointed out that you need to add the following.

    1. Go to 'IAM > Roles > YourRoleName'
      • (Note: if your role isn't listed, then you need to create it.)
    2. Select the 'Trust Relationships' tab
    3. Select 'Edit Trust Relationship'

    Mine ended up like the below. 

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      <your other rules>
    },
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}