Step-by-Step Guide to Creating an IAM Role for AWS Lambda
Oct 30, 2023
Step 1: Open the AWS Management Console and Navigate to IAM
- Log in to your AWS account and open the AWS Management Console.
- Navigate to the IAM (Identity and Access Management) service.
Step 2: Create a New Role
- In the IAM dashboard, click on “Roles” in the left-hand navigation pane.
- Click on the “Create role” button.
Step 3: Select the Service
- In the “Select type of trusted entity” section, choose “AWS service.”
- In the “Choose a use case” section, select “Lambda.”
- Click on the “Next: Permissions” button.
Step 4: Attach Permissions
- You’ll now be prompted to attach permissions policies to your role. Search for and select the AWSLambdaBasicExecutionRole policy. This policy allows your Lambda function to write logs to CloudWatch, which is essential for debugging.
- Optionally, you can also add other policies if your Lambda function needs to access other AWS services.
- Click on “Next: Tags.”
Step 5: Add Tags (Optional)
- You can optionally add tags to your role, which can be useful for organization and cost tracking.
- Click on “Next: Review.”
Step 6: Review and Create the Role
- Give your role a descriptive name, such as LambdaExecutionRole.
- Review the permissions and tags to make sure everything is in order.
- Click on the “Create role” button.
Step 7: Get the Role ARN
- After the role is created, you’ll be directed back to the list of roles.
- Click on the role name you just created.
- At the top of the summary page, you’ll see the ARN (Amazon Resource Name) for the role. Copy this ARN as you’ll need it when you’re creating your Lambda function programmatically.
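The same steps can be carried out through the IAM API, which also makes the Step 6 review repeatable. The following is an added example, not code from the original post: it assumes Python with boto3, the function names create_lambda_role and audit_role are hypothetical, and the policy ARN is the standard one for the AWS-managed AWSLambdaBasicExecutionRole policy.

```python
import json

LAMBDA = "lambda.amazonaws.com"
# ARN of the AWS-managed policy selected in Step 4.
BASIC_EXECUTION_POLICY_ARN = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
# Trust policy equivalent to choosing "AWS service" -> "Lambda" in Step 3:
# only the Lambda service principal may assume the role.
LAMBDA_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Principal": {"Service": LAMBDA},
                   "Action": "sts:AssumeRole"}],
}


def create_lambda_role(iam, role_name="LambdaExecutionRole", tags=None):
    """Steps 2-7: create the role, attach the logging policy, return the ARN."""
    params = {"RoleName": role_name,
              "AssumeRolePolicyDocument": json.dumps(LAMBDA_TRUST_POLICY)}
    if tags:  # Step 5 is optional
        params["Tags"] = [{"Key": k, "Value": v} for k, v in tags.items()]
    role = iam.create_role(**params)["Role"]
    iam.attach_role_policy(RoleName=role_name, PolicyArn=BASIC_EXECUTION_POLICY_ARN)
    return role["Arn"]


def _lambda_only(principal):
    """True when the principal is exactly the Lambda service (string or list form)."""
    return (isinstance(principal, dict) and set(principal) == {"Service"}
            and principal["Service"] in (LAMBDA, [LAMBDA]))


def audit_role(iam, role_name):
    """Step 6 review: list anything beyond the trust and policy this guide sets."""
    findings = []
    trust = iam.get_role(RoleName=role_name)["Role"]["AssumeRolePolicyDocument"]
    for stmt in trust["Statement"]:
        if stmt.get("Effect") == "Allow" and not _lambda_only(stmt.get("Principal")):
            findings.append(f"unexpected trusted principal: {stmt.get('Principal')}")
    attached = iam.list_attached_role_policies(RoleName=role_name)["AttachedPolicies"]
    for policy in attached:  # first page only; enough for a newly created role
        if policy["PolicyArn"] != BASIC_EXECUTION_POLICY_ARN:
            findings.append(f"extra policy to review: {policy['PolicyName']}")
    return findings


if __name__ == "__main__":
    import boto3  # needs AWS credentials allowed to manage IAM roles
    iam_client = boto3.client("iam")
    print(create_lambda_role(iam_client, tags={"project": "demo"}))
    print(audit_role(iam_client, "LambdaExecutionRole") or "role matches the guide")
```

Policies added deliberately in Step 4 will show up as "extra policy to review"; the audit lists them so each one can be confirmed as needed by the function.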