- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
For Lamba, you want to use a role and not a user. Lambda always has an "execution role", which is assumed when the function is executed.
Given that you have a Lambda function already, an execution role is most probably already present. What you need to do now is:
- Find the execution role, in the settings of your Lambda function
- Attach the policy you have created
As Nitin has stated already, there's no need to hard-code credentials within your function, since Lambda will request temporary credentials via STS automatically (the key here is "trust policies", the execution role contains a trust policy which allows Lambda to assume this role).
If this still doesn't work, please consult the CloudWatch logs for your Lambda function. They might contain useful information about the root cause of any potential additional issue.
Hi - It would be great to share the policy and also error messages.
Couple of things
- You don't have to hard code your credentials and use roles . See Lambda execution role (https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html)
- The roles should have required policy for the actions
- I would say , see lambda functions logs in cloudwatch for more detailed error message. Reference https://docs.aws.amazon.com/lambda/latest/dg/monitoring-cloudwatchlogs.html
Hello @AWS-User-Nitin, I have updated question with Error and code. But I am not sure how to attach the policy screen shot in question.
I have successfully updated policy screen shots also in my question, kindly do let me know in case of any thing needed, cheers.
Please check if your trust relationship for the lambda policy under "Entities attached" has EC2 as the service.
Also check if your ec2 instance profile also allows access to the lambda- for this check trust relationship of ec2 instance profile policy has the lambda as the service provided.
Once you have set this up, you can access ec2. You don't need to configure your user creds for the API calls.
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
Thank you Michael for letting know. I will do the changes and get back to you, cheers