Having a permission error when invoking a function from the other function (AccessDeniedException)

I have two functions in a job file, one is job_a and another is job_b. Now job_a executes job_b as perform_later, which executes a new lambda function, however, the execution fails due to a permission error.

RubyError: Aws::Lambda::Errors::AccessDeniedException: User: arn:aws:sts::771585002795:assumed-role/gitlab-serverless-runner-dev-IamRole-1GS1EZOIN7VVJ/gitlab-serverless-runner-dev-runner_job-request_jobs is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:ap-southeast-1:771585002795:function:gitlab-serverless-runner-dev-runner_job-execute_job

At this moment, I have no clue how to pursue this investigation. Any help would be appreciated. Thanks.

The job (a lambda function) is calling another lambda function. So the job lambda function needs IAM access to call lambda. Docs:



class HardJob < ApplicationJob
  class_timeout 300 # 300s or 5m, current Lambda max is 15m

  iam_policy "lambda" # adds IAM permission/access
  rate "10 hours" # every 10 hours
  def dig
    puts "done digging"
    # calls another lambda function...

Thank you for advice! It worked!