menu
  • Register

The provided execution role does not have permissions to call createnetworkinterface on ec2

0 votes
466 views

Problem :

I am new to Lambda and want to setup my Lambda to access my Mongo server on one of the EC2 instances in VPC. I tried selecting all the subnets and security groups, but still I am getting the following error while trying to save "You are not authorized to perform: CreateNetworkInterface."

I think, I need to do some kind of policy setup in AWS IAM to make this happen.

I have required "AdministratorAccess" and I am trying very hard to add IAM role to my account.

Please let me know what policy/role I need to add for this problem to be fixed?

6 5 3
6,930 points

1 Answer

0 votes

Solution :

I had faced this issue in the recent past. I did lot of research on it.

I found the following solution to solve your issue.

If the error message is saying that "This Lambda function is not authorized to perform: CreateNetworkInterface" then it is more practical that Lambda role needs to be modified with appropriate policy. So fixed the problem by adding the lambda with the policy actions as follows:

NetworkLambdaRole:
 Type: "AWS::IAM::Role"
 Properties:
   RoleName: "Network-Lambda-Role"
   AssumeRolePolicyDocument:
     Version: '2012-10-17'
     Statement:
     -
       Effect: "Allow"
       Principal:
         Service:
         - "lambda.amazonaws.com"
       Action:
       - "sts:AssumeRole"
   Policies:
   - PolicyName: "network-lambda-role-policy"
     PolicyDocument:
       Version: '2012-10-17'
       Statement:
       - Effect: "Allow"
         Action: [
           "ec2:DescribeInstances",
           "ec2:CreateNetworkInterface",
           "ec2:AttachNetworkInterface",
           "ec2:DescribeNetworkInterfaces",
           "ec2:DeleteNetworkInterface"
         ]
         Resource: "*"

9 7 4
38,600 points

Related questions

0 votes
1 answer 303 views
303 views
Execution failed due to configuration error: malformed lambda proxy response
Problem : I want to set up the hello world example with AWS lambda and serving it through the api gateway. I clicked a "Create a Lambda Function", which set up a api gatway and selected a Blank Function option. I added a lambda function found on AWS ... response { "message": "Internal server error" }. And my logs say "Execution failed due to configuration error: Malformed Lambda proxy response".
asked Jan 22 jwilliam 3.9k points
1 vote
2 answers 357 views
357 views
Execution failed due to configuration error: invalid permissions on lambda function
Problem : I am very new to the AWS and the beast. While working on API Gateway to Lambda proxy integration I am facing below error : Execution failed due to configuration error: Invalid permissions on Lambda function I have followed the below given ... on any resource # within the API Gateway "REST API". source_arn = "${aws_api_gateway_deployment.resource_name_of_deployment.execution_arn}/*/*" }
asked Dec 14, 2019 alecxe 7.5k points
0 votes
2 answers 375 views
375 views
the authorization mechanism you have provided is not supported. please use aws4-hmac-sha256.
Problem : I am facing following AWS error the authorization mechanism you have provided is not supported. please use aws4-hmac-sha256.
asked Nov 16, 2019 peterlaw 6.9k points
0 votes
0 answers 39 views
39 views
The aws access key id you provided does not exist in our records.
Problem: I have only managed to have the elementary knowledge on AWS. Currently I am trying to download all of the available files from the s3 bucket to the local machine. I have already installed AWS cli. After that I have tried to use the aws configure to ... the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records. Kindly guide me in fixing above AWS error.
asked Jun 22 Raphael Pacheco 4.9k points
0 votes
1 answer 84 views
84 views
The request signature we calculated does not match the signature you provided.
Problem : I have searched on a web for over two days now, and probably have looked through most of a online documented scenarios and workarounds, but nothing realy worked for me so far. I am on a AWS SDK for PHP V2.8.7 running on PHP 5.3. I want to ... pass in the information (example: profile and including credentials in code) but nothing is working at the moment for me. Any solution on my error?
asked Jan 18 jwilliam 3.9k points
Dark theme