- Attach the IAM policy to the role

Now you will attach the policy you have created to the role that your Lambda function assumes.

  1. You will need the name of the default execution role created by AWS Lambda shown in section f. You can get the name of this role using the AWS CLI as shown below. It should be called SlurmFrontEnd-role-XYZ where XYZ is a random string

    aws iam list-roles --query "Roles[*].[RoleName]" --output=text | grep "SlurmFrontEnd-role"
  2. Next, you will attach the IAM policy you created in the previous step to the role. You will need the Amazon Resource Name (ARN) of the created policy. The below gets the ARN

    LAMBDA_IAM_POLICY=$(aws iam list-policies --query 'Policies[?PolicyName==`lambda-exec`].Arn' --output text)
    echo $LAMBDA_IAM_POLICY
  3. Apply the policy to the role. Remember to replace the SlurmFrontEnd-role-XYZ to the exact name of your role

    aws iam attach-role-policy --role-name SlurmFrontEnd-role-XYZ --policy-arn $LAMBDA_IAM_POLICY
    If you run into a security token error, expand the below to see how to fix it
  4. You can confirm the policy attached to the role as shown below. Replace the role name SlurmFrontEnd-role-XYZ to the exact name of your role.

    aws iam list-attached-role-policies --role-name SlurmFrontEnd-role-XYZ
  5. You should see an output as below. Confirm that your policy (lambda-exec) is attached to the role. Lambda IAM

You are done with IAM and Lambda. Do not hesitate to explore the services you discovered beyond this tutorial. Next, you will attach your AWS Lambda function to Amazon API Gateway.

As an exercise you can trying creating the above AWS Lambda function using AWS Console.