1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
4
Assuming your data access policy is configured properly, make sure your Lambda function's execution role has aoss:APIAccessAll
permissions applied for data-plane access, see Using data-plane policies
répondu il y a un an
Contenus pertinents
- demandé il y a un an
- demandé il y a 2 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
I have added those into my IAM but still getting a 403 error.
Heres a snippet of my data access policy:
policy = jsonencode([{ "Rules" : [ { "ResourceType" : "index", "Resource" : [ "index/my-data-collection-${var.stage}/*" ], "Permission" : [ "aoss:CreateIndex", "aoss:ReadDocument", "aoss:UpdateIndex", "aoss:WriteDocument", "aoss:*" ]}], "Principal" : [ "arn:${partition}:iam::${account_id}:user/${stage}"]
And a snippet of my IAM: `iamRoleStatements:
Is that the full data access policy? If so, you will need to add the ARN of the Lamaba function's execution role to the
Principal
element.For example