我正在创建一个AWS powershell脚本来创建一个lambda函数。作为脚本的一部分,我首先创建所需的自定义策略,创建角色,附加策略,然后尝试创建lambda函数。但是,要完全创建IAM角色似乎会有延迟,如果没有sleep语句,则会出现错误。
我知道在cloudformation模板中我可以潜在地使用dependency属性。在尝试创建功能之前,可以检查一下以确认创建状态吗?这是我想要做的-
New-IAMRole -RoleName "lambdarole" -AssumeRolePolicyDocument $assumerolelambdapolicy #creates role
New-IAMPolicy -PolicyName "policyarn1" -Description "custompolicy" `
-PolicyDocument $policyarndocument
$Executionrolepolicies = @("custompolicyarn1", "awsmanagedpolicyarn2", "awsmanagedpolicyarn3") #list of policy arns to be attached to the policy
foreach ($policy in $Executionrolepolicies) {
Register-IAMRolePolicy -RoleName "lambdarole" -PolicyArn $policy
}
Start-Sleep -s 60 #If I don't have this sleep to wait for the role
#to fully create, then I get the error of "role defined
#for the function cannot be assumed by lambda"
Publish-LMFunction -FunctionName "Test" `
-ZipFilename "C:\lambdacode.zip" `
-Region $region `
-Role "arn:aws:iam::1234567890:role/lambdarole" `
-Handler "lambda_function.lambda_handler" -Runtime "python2.7" `
-Description "Test function"