diff --git a/cdk/lib/api-publishment-stack.ts b/cdk/lib/api-publishment-stack.ts
index da77e337..ce49935f 100644
--- a/cdk/lib/api-publishment-stack.ts
+++ b/cdk/lib/api-publishment-stack.ts
@@ -39,6 +39,11 @@ export class ApiPublishmentStack extends Stack {
     const handlerRole = new iam.Role(this, "HandlerRole", {
       assumedBy: new iam.ServicePrincipal("lambda.amazonaws.com"),
     });
+    handlerRole.addManagedPolicy(
+      iam.ManagedPolicy.fromAwsManagedPolicyName(
+        "service-role/AWSLambdaBasicExecutionRole"
+      )
+    );
     handlerRole.addToPolicy(
       // Assume the table access role for row-level access control.
       new iam.PolicyStatement({
diff --git a/cdk/lib/constructs/api.ts b/cdk/lib/constructs/api.ts
index 0c003ec7..c773dd8c 100644
--- a/cdk/lib/constructs/api.ts
+++ b/cdk/lib/constructs/api.ts
@@ -56,6 +56,11 @@ export class Api extends Construct {
     const handlerRole = new iam.Role(this, "HandlerRole", {
       assumedBy: new iam.ServicePrincipal("lambda.amazonaws.com"),
     });
+    handlerRole.addManagedPolicy(
+      iam.ManagedPolicy.fromAwsManagedPolicyName(
+        "service-role/AWSLambdaBasicExecutionRole"
+      )
+    );
     handlerRole.addToPolicy(
       // Assume the table access role for row-level access control.
       new iam.PolicyStatement({
diff --git a/cdk/lib/constructs/websocket.ts b/cdk/lib/constructs/websocket.ts
index 3f202846..cb69a820 100644
--- a/cdk/lib/constructs/websocket.ts
+++ b/cdk/lib/constructs/websocket.ts
@@ -62,6 +62,11 @@ export class WebSocket extends Construct {
     const handlerRole = new iam.Role(this, "HandlerRole", {
       assumedBy: new iam.ServicePrincipal("lambda.amazonaws.com"),
     });
+    handlerRole.addManagedPolicy(
+      iam.ManagedPolicy.fromAwsManagedPolicyName(
+        "service-role/AWSLambdaBasicExecutionRole"
+      )
+    );
     handlerRole.addToPolicy(
       // Assume the table access role for row-level access control.
       new iam.PolicyStatement({