In order to create our cluster we need to add an additional IAM policy.
Go to the Lambda Console (deeplink) and search for ParallelClusterFunction.
Select the function, then Configuration > Permissions > click on the role under Role name.
Select the AWSXRayDaemonWriteAccess policy and remove it.
Select Add permissions > Create inline policy.
Click on the JSON tab and paste in the following policy. Make sure to change <account-id> to your AWS account ID.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "iam:AttachRolePolicy",
                "iam:DetachRolePolicy"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:iam::<account-id>:role/parallelcluster/*"
        }
    ]
}
Click Review Policy, give it a name like pcluster-attach-detach-policies, and click Save.
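A pre-paste check for the policy above, as an added example that is not part of the original page: it fills in the account ID, confirms the statement stays scoped to the parallelcluster role path, and reports that nothing limits which managed policies the function may attach. The function names are hypothetical; `iam:PolicyARN` is the IAM condition key that restricts AttachRolePolicy and DetachRolePolicy to specific policy ARNs.

```python
import json
import re

# The policy from this page, with its <account-id> placeholder left in.
POLICY_TEMPLATE = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Action": ["iam:AttachRolePolicy", "iam:DetachRolePolicy"],
    "Effect": "Allow",
    "Resource": "arn:aws:iam::<account-id>:role/parallelcluster/*"
  }]
}"""

ATTACH_ACTIONS = {"iam:attachrolepolicy", "iam:detachrolepolicy"}
ROLE_ARN = re.compile(r"^arn:aws:iam::\d{12}:role/(.+)$")


def render_policy(account_id, template=POLICY_TEMPLATE):
    """Fill in <account-id>; AWS account IDs are exactly 12 digits."""
    if not re.fullmatch(r"\d{12}", account_id):
        raise ValueError("account id must be 12 digits")
    return json.loads(template.replace("<account-id>", account_id))


def _as_list(value):
    return value if isinstance(value, list) else [value]


def lint_policy(policy):
    """Return findings for Allow statements that grant attach/detach."""
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not actions & ATTACH_ACTIONS:
            continue
        for res in _as_list(stmt.get("Resource", [])):
            m = ROLE_ARN.match(res)
            if not m:
                findings.append(f"statement {i}: resource {res!r} is not an account-scoped role ARN")
            elif m.group(1) == "*":
                findings.append(f"statement {i}: resource {res!r} covers every role in the account")
        # iam:PolicyARN limits which managed policies may be attached.
        conds = stmt.get("Condition", {})
        if not any("iam:policyarn" in (k.lower() for k in v) for v in conds.values()):
            findings.append(f"statement {i}: no iam:PolicyARN condition, any managed policy can be attached")
    return findings
```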