The IAM role will be used to give our Lambda function permission to write to the SQS queue. The role gets its permissions from a Policy.

Go to Security, Identity & Compliance - IAM.

Click “Policies”

  • Create policy
  • JSON

Enter the following, replacing the queue ARN(s) with your value(s):

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
            "Resource": [
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "logs:CreateLogGroup",
            "Resource": "arn:aws:logs:*:*:*"

Click Review policy

  • Name: caliper_store
  • Create policy

Click “Roles”

  • Create role
  • Next: Permissions
  • Search for “caliper_store” and select it
  • Next: Review

Role name: caliper_store

Create Role