Creating an IAM role is a necessary step in creating an AWS Lambda function. The IAM role controls the permissions of what services the AWS Lambda function can access while executing. In this article we will see how to create an IAM role for AWS Lambda.

Making an IAM role for AWS Lambda is very similar to making one for Amazon EC2 as we saw in HowTo: Create an IAM Role for EC2. Before we make the role however, make sure your desired IAM policies exist; for help making IAM policies, see HowTo: Create an IAM Policy.

We’ll start this by going to the AWS Console and clicking on IAM.

Click on Roles

We’ll click on the Create New Role button.

Now we named the role, for this example we’ll set the role name to be S3Copy.

Then click on the Next Step button.

And we will create an AWS Lambda service role.

Now we pick the policies to attach. For this example, we’ll search for the S3Copy policy.

Select the S3Copy policy.

If there were other policies we wanted to add, we could repeat the process of searching for the policy and selecting it. In this case however, we just want the one policy.

Once we have the desired policies selected, click the Next Step button.

Review the role then click Create Role.

The IAM role is setup and ready to go.