So I’ve been trying to crack open this bug for the past ~6 hours or so. Extremely frustrated and confused. Sorry I can’t add all the images right in this post due to being a new user.
When I run the function using sls invoke local
:
Everything runs fine. The files upload to S3, data is added to the appropriate DynamoDB table, and a certificate is created within IOT.
Now let’s try invoking that same function using sls invoke
:
Nothing happens. Nothing shows up in S3, DynamoDB, or IOT.
Now, I’ve tried everything.
What’s really strange to me is that I have a user called “assumed-role” which initially had one permission (assuming other users roles via “sts:AssumeRole”. But since this bug, I expanded the permissions to everything. Still getting the error with this policy too:
Now I’m not even sure why the"assumed-role" user is coming into this error at all, since according to Lambda, the execution role is the execution role which serverless creates for us:
Even if I try executing the function from within the AWS Lambda console, I get the same strange error.
The permissions allow for all “iot:*” actions to be allowed (and we know this policy should work since the local function is being invoked)
Can anyone please help me here? I’ve literally tried everything.
Edit: I mean I’ve deleted my assume-role
user from the IAM console, and even then, still getting the same error. SOS.
Edit 2: OK, I think I’m getting this. Since Lambda has permissions for stuff, how do I make it so that the assumed version of Lambda has permissions to these actions?