AWS Lambda未被授权执行权限列表中列出的操作。

我有一个非常简单的 AWS Lambda 函数 - 只是列出我所有的 CloudWatch 事件:

import boto3

def lambda_handler(event, context):
    client = boto3.client("events")
    return client.list_rules()

然而，当我尝试运行它（使用空的测试事件：{}）时，我遇到了以下权限异常：

An error occurred (AccessDeniedException) when calling the ListRules operation:
User: arn:aws:sts::123321123321:assumed-role/lambda+basicEvents/lambdaName 
is not authorized to perform: events:ListRules 
on resource: arn:aws:events:eu-west-1:123321123321:rule/*

我已将此策略附加到 Lambda 执行角色上（我可以在 Lambda 的权限选项卡中看到列出的操作）：

{
  "document": {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "BasicCloudWatchEventsManager",
        "Effect": "Allow",
        "Action": [
          "events:DescribeRule",
          "events:EnableRule",
          "events:PutRule",
          "events:ListRules",
          "events:DisableRule"
        ],
        "Resource": "arn:aws:events:*:*:rule/[*/]*"
      }
    ]
  },
  "name": "BasicCloudWatchEventsManager",
  "id": "SOME7LONG7ID",
  "type": "managed",
  "arn": "arn:aws:iam::123321123321:policy/BasicCloudWatchEventsManager"
}

我使用提供的可视化编辑器进行策略构建，仅手动更改了sid。

有什么线索可能丢失了吗？