The final policy size (20539) is bigger than the limit (20480)

Question

I have a lambda function, I am creating triggers for aws lambda function, I created 54 triggers using rules , I have to create more triggers but when I am adding 1 more triggers , I am getting this error message The final policy size (20539) is bigger than the limit (20480).

How can I increase policy size?

Policy size means the size of the json ?

Answer 1

I had the same issue. You can see the relevant file (that its size exceeded) by opening the lambda console and then navigate to Permissions tab. The Function Policy in the image below is the limited file.

According to AWS support, you can't increase the limit. They suggest to delete the permission per rule and add permission when the SourceArn has a wildcard, for example 'arn:aws:events:{region}:{account}:rule/*'. You can make the expression something more specific according to your needs.

That solved my issue.

Answer 2

I had the same issue. Now you need to check your lambda resources based policy if there are some unwanted Resources, remove it else you can use wildcard Resources for some resources. You can do that only from CLI. That's the way for resolve the issue.

Below commands for remove and add resources:

aws lambda remove-permission  --function-name  <function name> --statement-id <sid>

aws lambda add-permission --function-name <function name> --action lambda:InvokeFunction --statement-id <sid> --principal apigateway.amazonaws.com --source-arn <Source arn>