0
votes

We are trying to add permission to an SNS topic in account 'A'. A lambda function in account 'B' will invoke this. To do this, we used the CLI as below:

aws sns add-permission --topic-arn arn:aws:sns:us-east-1:<account_A>:djif-prod-policy-engine-config-sns --label lambda-<account_B>-us-east-2 --aws-account-id <account_B> --action-name Publish --region us-east-1

This returns the following error: An error occurred (InvalidParameter) when calling the AddPermission operation: Invalid parameter: Policy contains too many statements!

Can someone help us figure out a way to resolve this? We created a Lambda function in a different account (account C), and this command worked fine with no errors.

1

1 Answers

1
votes

We figured this out. Whenever we run aws sns add-permission it updates the SNS topic policy. We had a bug in our code that called this multiple times for the same account (we are trying to invoke this SNS topic from multiple accounts). The AWS limit on the number of policies is 100 and when we hit this limit, we get the error.
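One way to keep repeated runs from adding statements to the topic policy, shown as an added example that is not part of the original answer or the poster's code: read the policy first and call AddPermission only when the account does not already have the grant. The function names, the sample policy, the account IDs and the topic ARN are constructed for illustration; `sns` is assumed to be a boto3 SNS client.

```python
import json

# Constructed sample: the same Publish grant added twice under different labels.
SAMPLE_POLICY = {"Version": "2008-10-17", "Statement": [
    {"Sid": sid, "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "SNS:Publish",
     "Resource": "arn:aws:sns:us-east-1:999999999999:example-topic"}
    for sid in ("lambda-111122223333-a", "lambda-111122223333-b")]}

def _accounts(stmt):
    """Account IDs named in the statement's AWS principal (bare ID or root ARN)."""
    principal = stmt.get("Principal", {})
    aws = principal.get("AWS", []) if isinstance(principal, dict) else []
    aws = [aws] if isinstance(aws, str) else aws
    return {a.split(":")[4] if a.startswith("arn:") else a for a in aws}

def _actions(stmt):
    action = stmt.get("Action", [])
    return {a.lower() for a in ([action] if isinstance(action, str) else action)}

def already_granted(policy, account_id, action="SNS:Publish", label=None):
    """True if the label is already used or the account already holds the action.
    Simplification: Condition blocks on a matching statement are not evaluated."""
    for stmt in policy.get("Statement", []):
        if label and stmt.get("Sid") == label:
            return True
        if (stmt.get("Effect") == "Allow" and account_id in _accounts(stmt)
                and action.lower() in _actions(stmt)):
            return True
    return False

def duplicate_sids(policy):
    """Sids of statements that repeat an earlier one in everything except the Sid."""
    seen, dups = set(), []
    for stmt in policy.get("Statement", []):
        key = json.dumps({k: v for k, v in stmt.items() if k != "Sid"}, sort_keys=True)
        if key in seen:
            dups.append(stmt.get("Sid"))
        seen.add(key)
    return dups

def ensure_publish_permission(sns, topic_arn, label, account_id):
    """Add the Publish grant only if missing; returns True when a call was made."""
    attrs = sns.get_topic_attributes(TopicArn=topic_arn)["Attributes"]
    policy = json.loads(attrs.get("Policy", "{}"))
    if already_granted(policy, account_id, label=label):
        return False
    sns.add_permission(TopicArn=topic_arn, Label=label,
                       AWSAccountId=[account_id], ActionName=["Publish"])
    return True
```

The labels returned by `duplicate_sids` are the ones to pass to `aws sns remove-permission --label` when cleaning up a policy that has already accumulated repeated statements.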