AWSLambdaExecute policy definition

amazon-web-services permissions amazon-iam amazon-lambda

Solution 1:

If your function has nothing to do with S3 then don't use this managed policy. As far as I can see this policy is used in the documentation in combination with a tutorial on how to use Lambda with Amazon S3.

Source: https://docs.aws.amazon.com/lambda/latest/dg/with-s3-example-create-iam-role.html

If you want to use a managed policy I recommend using AWSLambdaBasicExecutionRole which appear to contains only the minimum:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": "*"
    }
  ]
}

Related

Troubleshooting a Redis Stall
Can't connect Hyper-V Server 2012 R2 after Windows 10 update?
Are the SID, admin tokens, etc. created on the first boot after SysPrep, before going through setup?
View custom selinux policies
need to repeat the subject in a coordinate clause?
"Floh-ree-dah" rather than "Flor-duh"
what article should go before specific games?
Why does it sound wrong to my ears when someone says a thing "is aesthetic"? [closed]
Lecturer/Tutor at Online University, which word is more appropriate? [closed]
What does this explanation mean? [closed]
What is a yard of (pudding, ale, etc.)?
What does "were this away" mean in this context?