We will be signing into the AWS Management Console. The reason we are using the Management Console first is to give you a better understanding of how Lambda functions work, and how they integrate with the other AWS services, such as API Gateway and DynamoDB. In later chapters, we will show you how to deploy Lambda functions using the AWS CLI. If you are a first-timer to Lambda, then I always find it useful to first create a full serverless stack manually in the Management Console to gain a better and deeper understanding than, say, have a magic command spin up the full AWS infrastructure!

We are going to first use the AWS Management Console to create the Lambda IAM role and policies, so that the Lambda function can access DynamoDB, and also write any logs or any statuses to CloudWatch. The Management Console, which we used earlier, in Chapter 1, Serverless Microservices Architectures and Patterns, allows you to centrally control all of the AWS services, create roles, and even create Lambda functions. In terms of the architecture for the serverless microservice, we are starting with the right part of the following diagram first, and building the rest step by step.

The following diagram shows the data API Lambda IAM:

Create two IAM policies and attach them to a new Lambda IAM role next.