2

I have a rule in IoT Core that sends messages to a IoT Analytics channel and that data is then passed to a Analytics pipeline, in the pipeline however, I want to make use of a pipeline activity to transform the message, specifically the : Transform message with Lambda function activity.

My Lambda function returns a value that it retrieves from DynamoDB, I have tested the Lambda in AWS Lambda and it executes and works as it should, however, once I click update preview that should now show me the transformed message I get the following error:

We could not run the pipeline activity. ERROR : Unable to execute Lambda function due to insufficient permissions; dropping the messages, number of messages dropped : 1, functionArn : arn:aws:lambda:eu-west-1:x:function:y

The IAM role associated with the Lambda y function has the following permissions:

  • AmazonDynamoDBFullAccess
  • AWSIoTAnalyticsFullAccess
  • AWSIoTFullAccess

Is there a policy perhaps that I do not have in my IAM role for the Lambda that is preventing it from doing what I need it to?

Peter-John Jansen
  • 603
  • 1
  • 7
  • 26

1 Answers1

2

Seems like you did't provide permission to your lambda function,make sure you have granted IoT Analytics permission to invoke your Lambda function

Example AWS CLI command:

1)

aws lambda add-permission --function-name filter_to_cloudwatch --statement-id filter_to_cloudwatch_perms --principal iotanalytics.amazonaws.com --action lambda:InvokeFunction

2)

aws lambda add-permission --function-name LambdaForWeatherCorp --region us-east-1 --principal iot.amazonaws.com --source-arn arn:aws:iot:us-east-1:123456789012:rule/WeatherCorpRule --source-account 123456789012 --statement-id "unique_id" --action "lambda:InvokeFunction"
vaquar khan
  • 10,864
  • 5
  • 72
  • 96
  • 2
    For reference, the documentation on this is at https://docs.aws.amazon.com/iotanalytics/latest/userguide/pipeline-activities.html under the "Lambda Activity" section. – Roger Jan 23 '19 at 19:38