Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (19.1k points)

I'm trying out Serverless to create AWS Lambdas and while creating a project using the command serverless project create I'm getting the following error.

AccessDenied: User: arn:aws:iam::XXXXXXXXX:user/XXXXXXXXX is not authorized to perform: cloudformation:CreateStack on resource: arn:aws:cloudformation:us-east-1:XXXXXXXXX:stack/XXXXXXXXX-development-r/*

I have created a user and granted the following permissions to the user.

  1. AWSLambdaFullAccess
  2. AmazonS3FullAccess
  3. CloudFrontFullAccess
  4. AWSCloudFormationReadOnlyAccess ( There was no AWSCloudFormationFullAccess to grant )

How can I proceed? What else permissions I have to grant?

1 Answer

0 votes
by (44.4k points)

The closest one that you've mentioned is AWSCloudFormationReadOnlyAccess, but obviously that's for readonly and you need cloudformation:CreateStack. Add the following as a user policy.

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Sid": "Stmt1449904348000",

            "Effect": "Allow",

            "Action": [

                "cloudformation:CreateStack"

            ],

            "Resource": [

                "*"

            ]

        }

    ]

}

It's entirely possible you'll need more permissions- for instance, to launch an EC2 instance, to (re)configure security groups, etc.

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...