Giving an AWS Lambda Function Access to a DynamoDB Table via an Execution Role

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this hands-on lab scenario, you are a software engineer working for a new startup that’s launching an online bookstore for rare and antique books. The founder, Kia, needs your help with resolving a security error she’s seeing with an AWS Lambda function. Since her technical lead is out sick, she’s calling on you for assistance. In order to resolve the security error with the Lambda function, you will use a service role in AWS Identity & Access Management (IAM) to give the Lambda function the required access permissions.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a Lambda Function Using Supplied Code

The student will create a Lambda function with a default execution role.

  1. Log in to the AWS Management console.
  2. Navigate to AWS Lambda.
  3. Click Create function.
  4. Ensure that Author from scratch is selected.
  5. In the Basic information section, set the following values:
    • Function name: "CreateDynamoDBTable"
    • Runtime: Python 3.7
  6. In Permissions, create a new role with basic Lambda permissions.
  7. Create the Lambda function.
  8. Copy and paste the Lambda function code from GitHub.
  9. Deploy the Lambda function.
Test the Lambda Function and Note the Error

The student will excecute the Lambda code and make note of the error.

  1. Log in to the AWS Management console.
  2. Navigate to AWS Lambda.
  3. Open the CreateDynamoDBTable Lambda function.
  4. Click Test.
  5. Create an empty test event.
  6. Name the test event.
  7. Click Create.
  8. Click Test.
  9. Observe the "not authorized" error message.
Modify Lambda Execution Role to Allow Access to DynamoDB

The student will update the Lambda’s execution to allow access to DynamoDB.

  1. Log in to the AWS Management console.
  2. Navigate to AWS Lambda.
  3. Open the CreateDynamoDBTable Lambda function.
  4. Click the Permissions tab.
  5. Click the execution role name.
  6. Attach the DynamoDB full access policy.
  7. Navigate back to AWS Lambda and test the function again.
  8. Observe that the table was created.

Additional Resources

Make sure you are using the US-EAST-1 region.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!
Thanks for reaching out!

You’ll hear from us shortly. In the meantime, why not check out what our customers have to say about ACG?