menu
  • Register

Want to solve programming problems and get paid for it? If that sounds interesting to you then contact us.

The provided execution role does not have permissions to call createnetworkinterface on ec2

0 votes
550 views

Problem :

I am new to Lambda and want to setup my Lambda to access my Mongo server on one of the EC2 instances in VPC. I tried selecting all the subnets and security groups, but still I am getting the following error while trying to save "You are not authorized to perform: CreateNetworkInterface."

I think, I need to do some kind of policy setup in AWS IAM to make this happen.

I have required "AdministratorAccess" and I am trying very hard to add IAM role to my account.

Please let me know what policy/role I need to add for this problem to be fixed?

6 5 3
6,930 points

Please log in or register to answer this question.

1 Answer

0 votes

Solution :

I had faced this issue in the recent past. I did lot of research on it.

I found the following solution to solve your issue.

If the error message is saying that "This Lambda function is not authorized to perform: CreateNetworkInterface" then it is more practical that Lambda role needs to be modified with appropriate policy. So fixed the problem by adding the lambda with the policy actions as follows:

NetworkLambdaRole:
 Type: "AWS::IAM::Role"
 Properties:
   RoleName: "Network-Lambda-Role"
   AssumeRolePolicyDocument:
     Version: '2012-10-17'
     Statement:
     -
       Effect: "Allow"
       Principal:
         Service:
         - "lambda.amazonaws.com"
       Action:
       - "sts:AssumeRole"
   Policies:
   - PolicyName: "network-lambda-role-policy"
     PolicyDocument:
       Version: '2012-10-17'
       Statement:
       - Effect: "Allow"
         Action: [
           "ec2:DescribeInstances",
           "ec2:CreateNetworkInterface",
           "ec2:AttachNetworkInterface",
           "ec2:DescribeNetworkInterfaces",
           "ec2:DeleteNetworkInterface"
         ]
         Resource: "*"

9 7 4
38,600 points

Related questions

0 votes
1 answer 387 views
387 views
Execution failed due to configuration error: malformed lambda proxy response
Problem : I want to set up the hello world example with AWS lambda and serving it through the api gateway. I clicked a "Create a Lambda Function", which set up a api gatway and selected a Blank Function option. I added a lambda function found on AWS ... response { "message": "Internal server error" }. And my logs say "Execution failed due to configuration error: Malformed Lambda proxy response".
asked Jan 22, 2020 jwilliam 3.9k points
1 vote
2 answers 407 views
407 views
Execution failed due to configuration error: invalid permissions on lambda function
Problem : I am very new to the AWS and the beast. While working on API Gateway to Lambda proxy integration I am facing below error : Execution failed due to configuration error: Invalid permissions on Lambda function I have followed the below given ... on any resource # within the API Gateway "REST API". source_arn = "${aws_api_gateway_deployment.resource_name_of_deployment.execution_arn}/*/*" }
asked Dec 14, 2019 alecxe 7.5k points
0 votes
2 answers 488 views
488 views
the authorization mechanism you have provided is not supported. please use aws4-hmac-sha256.
Problem : I am facing following AWS error the authorization mechanism you have provided is not supported. please use aws4-hmac-sha256.
asked Nov 16, 2019 peterlaw 6.9k points
0 votes
0 answers 94 views
94 views
The aws access key id you provided does not exist in our records.
Problem: I have only managed to have the elementary knowledge on AWS. Currently I am trying to download all of the available files from the s3 bucket to the local machine. I have already installed AWS cli. After that I have tried to use the aws configure to ... the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records. Kindly guide me in fixing above AWS error.
asked Jun 22, 2020 Raphael Pacheco 4.9k points
0 votes
1 answer 102 views
102 views
The request signature we calculated does not match the signature you provided.
Problem : I have searched on a web for over two days now, and probably have looked through most of a online documented scenarios and workarounds, but nothing realy worked for me so far. I am on a AWS SDK for PHP V2.8.7 running on PHP 5.3. I want to ... pass in the information (example: profile and including credentials in code) but nothing is working at the moment for me. Any solution on my error?
asked Jan 18, 2020 jwilliam 3.9k points
1 vote
1 answer 441 views
441 views
Any data on the ephemeral storage of your instances will be lost.
Problem: I am not having much knowledge about Amazon EC2. Recently when I was trying to stop my Amazon EC2 instance then I saw the following warning message: "Warning: Please note that any data on the ephemeral storage of your instance will be lost when it is ... the ephemeral storage of my Amazon EC2 instance? I need expert’s advice in this aspect to avoid any important data loss to me.
asked May 23, 2020 Martin K 6.6k points
0 votes
1 answer 145 views
145 views
There was an error loading log streams. please try again by refreshing this page.
Problem : Whenever I try to go to my Logs page the following error shows: “There was an error loading Log Streams. Please try again by refreshing this page.” The problem is that there is another function which is identical except my code which is creating the log files no problem. Any suggestions to resolve my issue?
asked Dec 25, 2019 alecxe 7.5k points
0 votes
1 answer 37 views
37 views
Checksum of /versions does not match the checksum provided by server! something is wrong.
Problem : I have created a project on my old laptop using rails and heroku. I am trying to access the files and push the new edits to heroku on my laptop. Luckily they are all saved on Git so I can clone the git repository onto my new laptop. My new laptop had ... nightmare for me and I just want to find a correct way to install ruby and rails so that above mentioned errors will get out the way.
asked Nov 28, 2019 alecxe 7.5k points
0 votes
0 answers 49 views
49 views
The parameter groupname cannot be used with the parameter subnet.
Problem: Is it possible for someone to check my code which I have recently tried to create using the YAML for Cloudformation for some unknown strange reasons I am facing the following error. I am new to YAML. Error: CREATE_FAILED    AWS::EC2::Instance  Ec2InstanceOne  The ... MySubnet: Type: AWS::EC2::Subnet Properties: AvailabilityZone: eu-west-1a CidrBlock: 192.168.1.0/24 VpcId: !Ref MyVpc
asked Jun 22, 2020 Raphael Pacheco 4.9k points
Dark theme