CognitoIdentityCredentials, Access Denied error, not authorized to perform iam:PassRole???

[icbdbmtbqinoot]

Hi,
I am using cognito federated identity ID unauthorized version to set AWS credentials.
I already granted all the permissions for Cognito_myPoolNameUnauth_Role.
And it seems like other services like putting object in s3 bucket or creating dynamoDB table have
no problem. Everything works well except for creating lambda function code.
I get the same error again and again even after role is set properly for lambda.

Is this cognito identity credentials problem or iam problem?
I don't understand why iam role will have authorization error of iam:passrole
with all the permissions given.
Please help me find solution.
Thank you!

error : AccessDeniedException: User: arn:aws:sts:::assumed-role/Cognito_myPoolNameUnauth_Role/CognitoIdentityCredentials is not authorized to perform: iam:PassRole on resource: arn:aws:iam::*****:role/lambda_basic_execution

[yishafang]

Do you grant your IAM user the "iam:PassRole" permission?

[icbdbmtbqinoot]

Yes, I granted "iam:PassRole" permission.
it has the same error, even when I granted every AWS permission.