Newbie: trying to deploy I get "not authorized to perform: iam:CreateRole"

Hi, I’m trying to deploy a hello world Serverless Application for the first time in an enterprise environment. I do not have access to create or modify IAM policies or Roles.

I can assume a role however and I’m able to get permissions to use the AWS services as needed.

When I try to deploy my hello world application I get this error:

 ServerlessError: An error occurred: IamRoleLambdaExecution - API: iam:CreateRole User: arn:aws:sts::blahid:assumed-role/CloudCoreEng/aws-sdk-js-1570648874142 is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::blahid:role/lambda-hello-dev-us-east-1-lambdaRole with an explicit deny.

Why is serverless trying to create a Role? Is there a way around this?

Thanks,
Phil

1 Like