caliper:iam

IAM

The IAM role will be used to give our Lambda function permission to write to the SQS queue. The role gets its permissions from a Policy.

Go to Security, Identity & Compliance - IAM.

Click “Policies”

Create policy
JSON

Enter the following, replacing the queue ARN(s) with your value(s):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "sqs:GetQueueUrl",
                "logs:CreateLogStream",
                "sqs:SendMessage",
                "logs:PutLogEvents"
            ],
            "Resource": [
                "arn:aws:sqs:Region:ID:QueueName1",
                "arn:aws:sqs:Region:ID:QueueName2",
                "arn:aws:logs:*:*:*"
            ]
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "logs:CreateLogGroup",
            "Resource": "arn:aws:logs:*:*:*"
        }
    ]
}

Click Review policy

Name: caliper_store
Create policy

Click “Roles”

Create role
Next: Permissions
Search for “caliper_store” and select it
Next: Review

Role name: caliper_store

Create Role