Hi Jan,
I have created a skill in the console, created a Lambda function a local setup with JOVO and an ASK profile (exampleOfficial
).
I created the above profile with the same user account which had been set up by my Administrator.
I am getting the following response when trying to deploy to lambda
(jovo deploy -t lambda --ask-profile exampleOfficial
)
Deploying Alexa Skill
✖ Uploading to AWS Lambda
→ User: arn:aws:iam::880731272882:root is not authorized to perform: lambda:UpdateFunctionCode on resource: arn:aws:lambda:us-east-
…
› Error: There was a problem:
› AccessDeniedException: User: arn:aws:iam::880731272882:root is not authorized to perform: lambda:UpdateFunctionCode on resource:
› arn:aws:lambda:us-east-1:109918021270:function:exampleProjectNotes
However, the following commands are running without isue:
$ jovo get alexaSkill --skill-id <Skill ID> --ask-profile exampleOfficial
and
$ jovo deploy --ask-profile exampleOfficial
I referred to this article and created a Policy with the following JSON:
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": [
"iam:CreateRole",
"iam:GetRole",
"iam:AttachRolePolicy",
"iam:PassRole",
"lambda:AddPermission",
"lambda:CreateFunction",
"lambda:GetFunction",
"lambda:UpdateFunctionCode",
"lambda:UpdateFunctionConfiguration",
"lambda:ListFunctions",
"logs:FilterLogEvents",
"logs:getLogEvents",
"logs:describeLogStreams"
],
"Resource": "*"
}
}
I then went to https://console.aws.amazon.com/iam/home#/users/<username>
> Ad Permission. Now I am not sure which one to select. Under Attach Existing Policy Directly, I can see the permissions I have created earlier for the Policy. Shall I attach this?
Because I am not sure, I have no idea what impact this might have in other areas.
Please suggest. This is a kind of urgent.
Regards,
Subrata Sarkar