Hello, I have the following serverless.yaml
service: ebs
provider:
name: aws
runtime: python2.7
iamRoleStatements:
- Effect: "Allow"
Action:
- "logs:*"
Resource: "arn:aws:logs:*:*:*"
- Effect: "Allow"
Action:
- "ec2:Describe*"
Resource: "*"
- Effect: "Allow"
Action:
- "ec2:CreateSnapshot"
- "ec2:ModifySnapshotAttribute"
- "ec2:ResetSnapshotAttribute"
Resource: ["*"]
when I try to invoke it, i get the following error:
"errorType": "ClientError",
"errorMessage": "An error occurred (UnauthorizedOperation) when calling the DescribeInstances operation: You are not authorized to perform this operation."
looking at the lambda role being created, these policies are not being added. if i manually modify the Role policy, the function executes.
what am i missing?
any advice is much appreciated