I am trying to deploy my Django project on anycodings_zappa AWS lambda using Zappa. Here is my anycodings_zappa zappa_settings.json: { "dev": { "aws_region": "us-west-2", "django_settings": "<project_name>.settings", "profile_name": "zappa", "project_name": "<project_name>", "runtime": "python3.6", "s3_bucket": "<s3_bucket_name>", "timeout_seconds": 900, // defaults is 30 seconds "manage_roles": false, "role_name": "ZappaDjangoRole", "role_arn": "arn:aws:iam::<account_id>:role/ZappaDjangoRole", "slim_handler": true } }I get the error Any idea what is causing it and how to fix anycodings_zappa this? My understanding is that Zappa zips anycodings_zappa the entire project and wants to upload it to anycodings_zappa AWS S3 bucket, but it is missing a anycodings_zappa permission when calling the CreateBucket anycodings_zappa operation. I do not understand where this anycodings_zappa permission should go. Inside the IAM, I have created ZappaGroup anycodings_zappa which has permissions using anycodings_zappa ZappaUserGeneralPolicy and anycodings_zappa ZappaUserS3Policy: my ZappaUserGeneralPolicy: { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "lambda:CreateFunction", "s3:ListAccessPointsForObjectLambda", "s3:GetAccessPoint", "lambda:ListVersionsByFunction", "logs:DescribeLogStreams", "route53:GetHostedZone", "events:PutRule", "s3:PutStorageLensConfiguration", "cloudformation:DescribeStackResource", "lambda:GetFunctionConfiguration", "iam:PutRolePolicy", "apigateway:DELETE", "events:ListRuleNamesByTarget", "apigateway:PATCH", "cloudformation:UpdateStack", "events:ListRules", "lambda:DeleteFunction", "events:RemoveTargets", "logs:FilterLogEvents", "apigateway:GET", "events:ListTargetsByRule", "cloudformation:ListStackResources", "iam:GetRole", "events:DescribeRule", "s3:PutAccountPublicAccessBlock", "s3:ListAccessPoints", "apigateway:PUT", "lambda:GetFunction", "s3:ListJobs", "route53:ListHostedZones", "route53:ChangeResourceRecordSets", "cloudformation:DescribeStacks", "s3:ListStorageLensConfigurations", "lambda:UpdateFunctionCode", "events:DeleteRule", "events:PutTargets", "s3:GetAccountPublicAccessBlock", "lambda:AddPermission", "s3:ListAllMyBuckets", "cloudformation:CreateStack", "cloudformation:DeleteStack", "lambda:*", "s3:CreateJob", "apigateway:POST" ], "Resource": "*" }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "iam:PassRole", "s3:*" ], "Resource": [ "arn:aws:s3:::<s3_bucket from zappa_settings.json>", "arn:aws:iam::<account_id>:role/ZappaDjangoRole" ]z } ] }Also, my ZappaUserS3Policy And, my ZappaDjangoRole's Trust anycodings_zappa relationships: { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": [ "events.amazonaws.com", "apigateway.amazonaws.com", "lambda.amazonaws.com" ] }, "Action": "sts:AssumeRole" } ] }And, finally, here is my ZappaRolePolicy: |