• Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon

Giving an AWS Lambda Function Access to a DynamoDB Table via an Execution Role

In this hands-on lab scenario, you are a software engineer working for a new startup that's launching an online bookstore for rare and antique books. The founder, Kia, needs your help with resolving a security error she's seeing with an AWS Lambda function. Since her technical lead is out sick, she's calling on you for assistance. In order to resolve the security error with the Lambda function, you will use a service role in AWS Identity & Access Management (IAM) to give the Lambda function the required access permissions.

Google Cloud Platform icon

Path Info

Clock icon Intermediate
Clock icon 30m
Clock icon Oct 09, 2020

Contact sales

Table of Contents

  1. Challenge

    Create a Lambda Function Using Supplied Code

    The student will create a Lambda function with a default execution role.

    1. Log in to the AWS Management console.
    2. Navigate to AWS Lambda.
    3. Click Create function.
    4. Ensure that Author from scratch is selected.
    5. In the Basic information section, set the following values:
      • Function name: "CreateDynamoDBTable"
      • Runtime: Python 3.7
    6. In Permissions, create a new role with basic Lambda permissions.
    7. Create the Lambda function.
    8. Copy and paste the Lambda function code from GitHub.
    9. Deploy the Lambda function.
  2. Challenge

    Test the Lambda Function and Note the Error

    The student will excecute the Lambda code and make note of the error.

    1. Log in to the AWS Management console.
    2. Navigate to AWS Lambda.
    3. Open the CreateDynamoDBTable Lambda function.
    4. Click Test.
    5. Create an empty test event.
    6. Name the test event.
    7. Click Create.
    8. Click Deploy.
    9. Click Test.
    10. Observe the "not authorized" error message.
  3. Challenge

    Modify Lambda Execution Role to Allow Access to DynamoDB

    The student will update the Lambda's execution to allow access to DynamoDB.

    1. Log in to the AWS Management console.
    2. Navigate to AWS Lambda.
    3. Open the CreateDynamoDBTable Lambda function.
    4. Click the Configuration tab.
    5. Click the Permissions tab.
    6. Click the execution role name.
    7. Attach the DynamoDB full access policy.
    8. Navigate back to AWS Lambda and test the function again.
    9. Observe that the table was created.

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans