AWS transform data going into IoT Analytics pipeline with a Lambda function permission error

Question

I have a rule in IoT Core that sends messages to a IoT Analytics channel and that data is then passed to a Analytics pipeline, in the pipeline however, I want to make use of a pipeline activity to transform the message, specifically the : Transform message with Lambda function activity.

My Lambda function returns a value that it retrieves from DynamoDB, I have tested the Lambda in AWS Lambda and it executes and works as it should, however, once I click update preview that should now show me the transformed message I get the following error:

We could not run the pipeline activity. ERROR : Unable to execute Lambda function due to insufficient permissions; dropping the messages, number of messages dropped : 1, functionArn : arn:aws:lambda:eu-west-1:x:function:y

The IAM role associated with the Lambda y function has the following permissions:

• AmazonDynamoDBFullAccess
• AWSIoTAnalyticsFullAccess
• AWSIoTFullAccess

Is there a policy perhaps that I do not have in my IAM role for the Lambda that is preventing it from doing what I need it to?

Answer 1

Seems like you did't provide permission to your lambda function,make sure you have granted IoT Analytics permission to invoke your Lambda function

Example AWS CLI command:

1)

aws lambda add-permission --function-name filter_to_cloudwatch --statement-id filter_to_cloudwatch_perms --principal iotanalytics.amazonaws.com --action lambda:InvokeFunction

2)

aws lambda add-permission --function-name LambdaForWeatherCorp --region us-east-1 --principal iot.amazonaws.com --source-arn arn:aws:iot:us-east-1:123456789012:rule/WeatherCorpRule --source-account 123456789012 --statement-id "unique_id" --action "lambda:InvokeFunction"