1 Answer
- Newest
- Most votes
- Most comments
0
Check the resource-based policy statement on your lambda version. It should look something like below. Each lambda version can have different permissions so you may need to add it to each. If you need to use lambda versions you could simplify things by creating a lambda alias, then you can set the policy on and then point it to the version you want to use (so you don't have to keep ensuring each version has the permissions you want).
{ "Version": "2012-10-17", "Id": "default", "Statement": [ { "Sid": "lex-lambda-invokeFunction", "Effect": "Allow", "Principal": { "Service": "lexv2.amazonaws.com" }, "Action": "lambda:invokeFunction", "Resource": "<lambdaARN>", "Condition": { "StringEquals": { "AWS:SourceAccount": "<awsAccount>" }, "ArnLike": { "AWS:SourceArn": "<botAliasArn>" } } } ] }
If you have a specific botAliasArn in the "ArnLike" then ensure all the botAliases you need are included.
answered 2 months ago
Relevant content
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 months ago
I found the answer, is by taking the same permission already passed in the original lambda function and to pass it to the the new lambda version permission