How Do You Attach a Lambda Function to a VPC?

Problem scenario
When trying to attach a Lambda function to a VPC, you get an error like this: "The provided execution role does not have permissions to call CreateNetworkInterface on EC2"

What should you do?

Solution
1. Go to IAM and create a policy. Use the JSON editor. Use these settings (taken from StackOverflow):

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeNetworkInterfaces",
        "ec2:CreateNetworkInterface",
        "ec2:DeleteNetworkInterface",
        "ec2:DescribeInstances",
        "ec2:AttachNetworkInterface"
      ],
      "Resource": "*"
    }
  ]
}

2. Name the above policy something memorable. Then go to the Lambda section. Go to the Lambda function you are trying to attach a VPC to.
3. Click on the "Execution Role" name that is hyperlinked.
4. Attach the policy created in step #1.
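
To confirm before or after these steps that an execution role really covers the five actions, the added example below (not part of the original page) checks policy documents you have already exported from IAM as JSON. It goes slightly beyond the steps by handling wildcard actions and explicit Deny statements; the function names and the sample role are hypothetical, and Resource, Condition and NotAction are ignored.

```python
import fnmatch

# The five actions from the policy in the solution above.
REQUIRED_ACTIONS = [
    "ec2:DescribeNetworkInterfaces",
    "ec2:CreateNetworkInterface",
    "ec2:DeleteNetworkInterface",
    "ec2:DescribeInstances",
    "ec2:AttachNetworkInterface",
]


def _as_list(value):
    """IAM accepts a single value or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _matches(action, patterns):
    # IAM action names are case-insensitive and may contain * and ? wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)


def missing_actions(policy_documents, required=REQUIRED_ACTIONS):
    """Return the required actions that the given policy documents do not allow.

    Assumption: Resource, Condition and NotAction are ignored, so this is a
    first-pass check of the role, not a full IAM policy evaluation.
    """
    allowed, denied = [], []
    for doc in policy_documents:
        for stmt in _as_list(doc.get("Statement")):
            bucket = allowed if stmt.get("Effect") == "Allow" else denied
            bucket.extend(_as_list(stmt.get("Action")))
    # An explicit Deny overrides any Allow for the same action.
    return [a for a in required if not _matches(a, allowed) or _matches(a, denied)]


# Constructed sample: a role that can write logs and only describe EC2 resources.
SAMPLE_ROLE_POLICIES = [{
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["logs:CreateLogStream", "logs:PutLogEvents"], "Resource": "*"},
        {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
    ],
}]

if __name__ == "__main__":
    print(missing_actions(SAMPLE_ROLE_POLICIES))
```

An empty list means every action from the policy above is granted; anything it returns is a candidate cause of the CreateNetworkInterface error.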
