Here’s the Terraform script snippet I used to create a Lambda resource-based policy:
```hcl
resource "aws_lambda_permission" "allow_eventbridge_execution" {
  statement_id   = "AllowExecutionFromEventBridge"
  action         = "lambda:InvokeFunction"
  function_name  = aws_lambda_function.this.arn
  principal      = "events.amazonaws.com"
  source_arn     = aws_cloudwatch_event_rule.this.arn
  qualifier      = aws_lambda_alias.latest.name
  source_account = local.aws_account_id
}

resource "aws_lambda_alias" "latest" {
  name             = "latest-version"
  description      = "An alias to the latest version of the lambda function."
  function_name    = aws_lambda_function.this.function_name
  function_version = "$LATEST"
}
```
My problem is that once I run terraform plan and apply, I’m not seeing this when I look for the resource-based policy in the AWS Lambda console.
Does anyone have any idea why this is the case?
Solution:
Your allow_eventbridge_execution policy has been created for aws_lambda_alias.latest.name, so you have to check the permissions for that alias.
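
The two consistent ways to scope this permission, as an added example that is not part of the original question or answer. The `example` event target and the `allow_eventbridge_unqualified` resource are hypothetical names; every other reference comes from the question's snippet.

```hcl
# Option A: keep the permission on the alias.
# The statement is stored in the policy of the qualified ARN
# (<function-arn>:latest-version), so it is listed only when that alias is
# selected in the console, or when the policy is read with the qualifier:
#   aws lambda get-policy --function-name <name> --qualifier latest-version
resource "aws_lambda_permission" "allow_eventbridge_execution" {
  statement_id  = "AllowExecutionFromEventBridge"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.this.function_name
  qualifier     = aws_lambda_alias.latest.name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.this.arn # limits the grant to this one rule
}

# With an alias-scoped permission, the rule's target has to invoke the alias
# ARN. A target that points at the unqualified function ARN is not covered by
# the statement above and its invocations are denied.
resource "aws_cloudwatch_event_target" "example" { # hypothetical target
  rule = aws_cloudwatch_event_rule.this.name
  arn  = aws_lambda_alias.latest.arn
}

# Option B (alternative to A, not in addition): omit the qualifier.
# The statement then lands in the unqualified function's policy, which is the
# one the console shows on the function's own permissions view. The event
# target would use aws_lambda_function.this.arn in that case.
resource "aws_lambda_permission" "allow_eventbridge_unqualified" { # hypothetical
  statement_id  = "AllowExecutionFromEventBridgeUnqualified"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.this.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.this.arn
}
```

Whichever option is used, keeping `source_arn` on the statement ensures only the intended rule can trigger the function through the `events.amazonaws.com` principal.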
