The role defined for the function cannot be assumed by Lambda
I got the error "The role defined for the function cannot be assumed by Lambda" because i had not updated the roles "Trust Relationship" config file. I didn't encounter the timeout issues as in the linked answer in the comments.
The comments in the above answers pointed out that you need to add the following.
- Go to 'IAM > Roles > YourRoleName'
- (Note: if your role isn't listed, then you need to create it.)
- Select the 'Trust Relationships' tab
- Select 'Edit Trust Relationship'
Mine ended up like the below.
{
"Version": "2012-10-17",
"Statement": [
{
<your other rules>
},
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
I'm also encountering this error. Have not got a definitive answer (yet) but figured I'd pass along a couple of hints that may help you and/or anyone else hitting this problem.
A) If you build the Role ARN by putting together your account ID and role name, I think the account ID needs to be without any dashes
B) If you just created the role, and possibly added policies to it, there seems to be a (small) window of time in which the role will trigger this error. Sleeping 5 or 6 seconds between the last operation on the role and the create-function call allowed me to bypass the issue (but of course, the timing may be variable so this is at best a work-around).