Hi,
I understand you would like to know how to fix the particular error you are running into. The error is coming from the S3 bucket policy. ("Invalid principal in policy (Service: Amazon S3; Status Code: 400; Error Code: MalformedPolicy;")
It means the value of a Principal in your S3 bucket policy created from the solution is not valid. To resolve this error, follow the instructions here:
• https://repost.aws/knowledge-center/s3-invalid-principal-in-policy-error
I hope this helps. Let me know if I answered your question or if you have any follow-up.
Kind regards, Ahmed
References:
[1] https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html#BucketPolicies
[2] https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-iam-policies.html#specifyingPrincipals
From the blog listed in the query, the Lambda function converts Security Hub findings to CSV and writes them to an S3 bucket. Based on the error message, it seems that you are missing a bucket policy on S3 that allows the Lambda execution role to have write access to the bucket. Follow the instructions at https://repost.aws/knowledge-center/lambda-execution-role-s3-bucket, which provides an example policy to grant the Lambda execution role access to the S3 bucket.
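To find which Principal entry triggers the "Invalid principal in policy" error discussed in the answers above, the bucket policy can be linted offline before it is applied. This is an added example, not code from the answers or from AWS; the function names, the account ID, the role name and the unique ID in the sample policy are constructed placeholders.

```python
import json
import re

ACCOUNT_ID = re.compile(r"^\d{12}$")
IAM_ARN = re.compile(r"^arn:aws[\w-]*:(iam|sts)::\d{12}:"
                     r"(root|(user|role|assumed-role|federated-user)/[\w+=,.@/-]+)$")
# AIDA.../AROA... unique IDs replace the ARN once the user or role is deleted.
ORPHAN_ID = re.compile(r"^A(ID|RO)A[A-Z0-9]{12,}$")


def check_aws_principal(value):
    """Return why an AWS principal value is malformed, or None if well-formed."""
    if value == "*" or ACCOUNT_ID.match(value) or IAM_ARN.match(value):
        return None
    if ORPHAN_ID.match(value):
        return "unique ID of a deleted IAM user or role"
    if "*" in value:
        return "wildcard inside a principal ARN"
    return "not an account ID or IAM/STS ARN"


def lint_policy(policy_json):
    """Return (Sid, value, reason) for each suspect AWS principal."""
    findings = []
    statements = json.loads(policy_json)["Statement"]
    for stmt in [statements] if isinstance(statements, dict) else statements:
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):  # bare "*" (anonymous) form
            continue
        values = principal.get("AWS", [])
        for value in [values] if isinstance(values, str) else values:
            reason = check_aws_principal(value)
            if reason:
                findings.append((stmt.get("Sid"), value, reason))
    return findings


# Constructed sample policy: every identifier below is a placeholder.
def _stmt(sid, principal):
    return {"Sid": sid, "Effect": "Allow", "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::example-bucket/*", "Principal": principal}

SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": [
    _stmt("LambdaWrite", {"AWS": "arn:aws:iam::111122223333:role/csv-export-role"}),
    _stmt("DeletedRole", {"AWS": "AROAEXAMPLEDELETED001"}),
    _stmt("Wildcard", {"AWS": "arn:aws:iam::111122223333:role/*"}),
    _stmt("Typo", {"AWS": ["arn:aws:iam:111122223333:role/csv-export-role"]}),
]})
```

A well-formed ARN is still rejected by S3 if the user or role it names does not exist, which a format check like this cannot detect.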