-1

Although I have given the function IAM profile complete AdministratorAccess permissions, along with AmazonDynamoDBFullAccess permissions as well, every time that I test the function I am greeted with the same error message:

no identity-based policy allows the dynamodb:PutItem action.

How do I fix this? I literally cannot give the IAM profile more access, so I am very confused. I have given every permission I can give.

Leeroy Hannigan
  • 11,409
  • 3
  • 14
  • 31
Jack Eggert
  • 1
  • 1
  • This might help? https://stackoverflow.com/questions/72548506/accessdeniedexception-while-trying-to-do-dynamodbputitem-action – tehCheat Dec 28 '22 at 22:20
  • 1
    Did you try to create a customized role PutItem and attach to the Lambda service account ? – razimbres Dec 28 '22 at 22:21

1 Answers1

0

2 things I can think on

  1. Check you are assigning the policies to the Lambda Execution Role. https://docs.aws.amazon.com/lambda/latest/dg/lambda-permissions.html

  2. Are you part of an organization, check that you no not have any SCP policies in place preventing the PutItem as it would take precedence. https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html

Leeroy Hannigan
  • 11,409
  • 3
  • 14
  • 31