2 Answers
- Newest
- Most votes
- Most comments
0
Hi,
the right way is to use only the Lambda execution role after granting it the right credentials for the services that you need.
See https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html
You provide an execution role when you create a function. When you invoke your function,
Lambda automatically provides your function with temporary credentials by assuming this role.
You don't have to call sts:AssumeRole in your function code.
Best,
Didier
Relevant content
- Accepted Answerasked 4 years ago
- Accepted Answerasked 6 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated a month ago
An error occurred (AccessDenied) when calling the GetSessionToken operation: Cannot call GetSessionToken with session credentials
I getting this when trying to call sts_client.get_session_token()