1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
4
Assuming your data access policy is configured properly, make sure your Lambda function's execution role has aoss:APIAccessAll
permissions applied for data-plane access, see Using data-plane policies
답변함 일 년 전
관련 콘텐츠
- 질문됨 7달 전
I have added those into my IAM but still getting a 403 error.
Heres a snippet of my data access policy:
policy = jsonencode([{ "Rules" : [ { "ResourceType" : "index", "Resource" : [ "index/my-data-collection-${var.stage}/*" ], "Permission" : [ "aoss:CreateIndex", "aoss:ReadDocument", "aoss:UpdateIndex", "aoss:WriteDocument", "aoss:*" ]}], "Principal" : [ "arn:${partition}:iam::${account_id}:user/${stage}"]
And a snippet of my IAM: `iamRoleStatements:
Is that the full data access policy? If so, you will need to add the ARN of the Lamaba function's execution role to the
Principal
element.For example