1
votes

I was trying to build a fact skill as per the instructions given in https://github.com/alexa/skill-sample-nodejs-fact.

I cloned the repository, initialized the ASK CLI and installed the npm dependencies.

Then I tried to deploy the skill and the Lambda function in one step by running the command `ask deploy`, but it shows an AccessDeniedException. Please help me to resolve the issue.

    -------------------- Create Skill Project --------------------
    Profile for the deployment: [default]
    Skill Id: amzn1.ask.skill.1234ab-1234

    Skill deployment finished.
    Model deployment finished.
    Create Lambda error.
    AccessDeniedException: User: arn:aws:iam::12345678:user/ASK_CLI_USER is not authorized to perform: lambda:CreateFunction on resource: arn:aws:lambda:us-east-1:12345678:function:what_name_you_want_to_name_the_lambda

Please Note:

  • Installed and set up ASK CLI following instructions in the below link: https://developer.amazon.com/docs/smapi/quick-start-alexa-skills-kit-command-line-interface.html

  • Set Up Credentials for an Amazon Web Services (AWS) Account CLI following instructions in the below link: https://developer.amazon.com/docs/smapi/set-up-credentials-for-an-amazon-web-services-account.html

  • Created a user ASK_CLI_USER and created a new policy with the permissions:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "iam:CreateRole",
            "iam:GetRole",
            "iam:AttachRolePolicy",
            "iam:PassRole"
          ],
          "Resource": "arn:aws:iam:::role/ask-"
        },
        {
          "Effect": "Allow",
          "Action": [
            "lambda:AddPermission",
            "lambda:CreateFunction",
            "lambda:GetFunction",
            "lambda:UpdateFunctionCode",
            "lambda:ListFunctions"
          ],
          "Resource": "arn:aws:lambda:::function:ask-"
        },
        {
          "Effect": "Allow",    
          "Action": [
            "logs:FilterLogEvents",
            "logs:getLogEvents",
            "logs:describeLogStreams"
          ],
          "Resource": "arn:aws:logs:::log-group:/aws/lambda/ask-"
        }
      ]
    }
    

2 Answers

1
votes

The resource you should be restricting to is "arn:aws:lambda:*:*:function:ask-*". It looks like you're missing the asterisks.
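The following is an added example, not part of the original posts: it evaluates the Lambda statement from the question and the same statement with the Resource from the answer above against the ARN in the error message. The matcher is a simplified model of IAM wildcard matching (field-by-field comparison is an assumption), and the function name `ask-example-fact` is constructed.

```python
import re

def wildcard_match(pattern, value, ignore_case=False):
    """IAM-style wildcards: '*' is any run of characters, '?' is exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    flags = re.DOTALL | (re.IGNORECASE if ignore_case else 0)
    return re.fullmatch(regex, value, flags) is not None

def arn_match(pattern, arn):
    """Simplified model (assumption): compare the six colon-separated ARN fields pairwise."""
    p, a = pattern.split(":", 5), arn.split(":", 5)
    return len(p) == len(a) == 6 and all(map(wildcard_match, p, a))

def decide(statement, action, arn):
    """Return 'Allow' if the Allow statement covers the request, else 'ImplicitDeny'."""
    actions = statement["Action"]
    if (statement["Effect"] == "Allow"
            and any(wildcard_match(x, action, ignore_case=True) for x in actions)
            and arn_match(statement["Resource"], arn)):
        return "Allow"
    return "ImplicitDeny"

LAMBDA_ACTIONS = ["lambda:AddPermission", "lambda:CreateFunction", "lambda:GetFunction",
                  "lambda:UpdateFunctionCode", "lambda:ListFunctions"]
# Lambda statement as posted in the question, and with the Resource from the answer.
POSTED = {"Effect": "Allow", "Action": LAMBDA_ACTIONS,
          "Resource": "arn:aws:lambda:::function:ask-"}
SUGGESTED = dict(POSTED, Resource="arn:aws:lambda:*:*:function:ask-*")

# ARN from the error message, plus a constructed one whose name starts with "ask-".
FROM_ERROR = "arn:aws:lambda:us-east-1:12345678:function:what_name_you_want_to_name_the_lambda"
ASK_PREFIXED = "arn:aws:lambda:us-east-1:12345678:function:ask-example-fact"  # constructed

if __name__ == "__main__":
    for label, stmt in (("posted", POSTED), ("suggested", SUGGESTED)):
        for arn in (FROM_ERROR, ASK_PREFIXED):
            print(f"{label:9} {decide(stmt, 'lambda:CreateFunction', arn):12} {arn}")
```

Under this model the posted Resource matches no real function ARN, because its empty region and account fields only match empty values. With the asterisks restored the statement covers only functions whose names begin with `ask-`, so the name shown in the error message is still an implicit deny.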

0
votes

It says it pretty clearly:

AccessDeniedException: User: arn:aws:iam::12345678:user/ASK_CLI_USER is not authorized to perform: lambda:CreateFunction on resource: arn:aws:lambda:us-east-1:12345678:function:what_name_you_want_to_name_the_lambda

Go into your console and add proper permissions to user ASK_CLI_USER.