AWS Lambda
Developer Guide

Step 2.2: Create the Execution Role (IAM Role)

In this section, you create an IAM role using the following predefined role type and access permissions policy:

  • AWS service role of the type AWS Lambda – This role grants AWS Lambda permissions to assume the role.

  • AWSLambdaExecute access permissions policy that you attach to the role.

  • Add a custom policy which allocates permissions for you to add objects to your Amazon S3 bucket. For more information, see Creating a Role to Delegate Permissions to an AWS Service in the IAM User Guide to create an IAM role (execution role).

For more information about IAM roles, see IAM Roles in the IAM User Guide. Use the following procedure to create the IAM role.

To create an IAM role (execution role)

  1. Sign in to the AWS Management Console and open the IAM console at

  2. Choose Create role

  3. In Select type of trusted entity, choose AWS service, and then choose Lambda. This will allow Lambda functions to call AWS services under your account.

  4. Choose Next: Permissions

  5. In Filter: Policy type enter AWSLambdaExecute and choose Next: Review.

  6. In Role name*, enter a role name that is unique within your AWS account (for example, lambda-s3-execution-role) and then choose Create role.

  7. Open the service role that you just created.

  8. Under the Permissions tab, choose Add inline policy.

  9. In service, choose Choose a service.

  10. In Select a service below, choose S3.

  11. In Actions, choose Select actions.

  12. Expand Write under Access level groups and then choose PutObject.

  13. Choose Resources and then choose the Any checkbox.

  14. Choose Review policy.

  15. Enter a Name* and then choose Create policy. Note the policy specifications:

    { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutObject", "Resource": "arn:aws:s3:::*/*" } ] }
  16. Under the Summary of your role, record the Role ARN. You will need it in the next step when you create your Lambda function.

Next Step

Step 2.3: Create the Lambda Function and Test It Manually

On this page: