1 Answer
4
Assuming your data access policy is configured properly, make sure your Lambda function's execution role has `aoss:APIAccessAll` permissions applied for data-plane access; see Using data-plane policies.
Answered 1 year ago
I have added those into my IAM but still getting a 403 error.
Here's a snippet of my data access policy:

```
policy = jsonencode([{
  "Rules" : [
    {
      "ResourceType" : "index",
      "Resource" : [
        "index/my-data-collection-${var.stage}/*"
      ],
      "Permission" : [
        "aoss:CreateIndex",
        "aoss:ReadDocument",
        "aoss:UpdateIndex",
        "aoss:WriteDocument",
        "aoss:*"
      ]
    }
  ],
  "Principal" : [
    "arn:${partition}:iam::${account_id}:user/${stage}"
  ]
}])
```
And a snippet of my IAM: `iamRoleStatements:
Is that the full data access policy? If so, you will need to add the ARN of the Lambda function's execution role to the `Principal` element. For example
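The check below is an added example, not part of the original thread or of any AWS tooling: it audits a data access policy document offline and reports why a given principal would be denied, which is the condition the reply above describes (the Lambda execution role missing from `Principal`). The function name `audit_access`, the account ID, role name and index names are constructed placeholders, and the IAM side (`aoss:APIAccessAll` on the role) is not checked here.

```python
import fnmatch
import json

# Constructed sample with the same shape as the policy posted in the thread;
# account id, user name and stage are placeholders.
SAMPLE_POLICY = json.dumps([{
    "Rules": [{
        "ResourceType": "index",
        "Resource": ["index/my-data-collection-dev/*"],
        "Permission": ["aoss:CreateIndex", "aoss:ReadDocument",
                       "aoss:UpdateIndex", "aoss:WriteDocument"],
    }],
    "Principal": ["arn:aws:iam::111122223333:user/dev"],
}])

# Hypothetical Lambda execution role ARN (constructed).
LAMBDA_ROLE = "arn:aws:iam::111122223333:role/my-lambda-role"


def audit_access(policy_json, principal_arn, resource, needed):
    """Return findings explaining why principal_arn lacks the `needed`
    permissions on `resource`; an empty list means the policy covers them."""
    granted = set()
    principal_seen = False
    for stmt in json.loads(policy_json):
        # Only statements that list this principal can grant it anything.
        if principal_arn not in stmt.get("Principal", []):
            continue
        principal_seen = True
        for rule in stmt.get("Rules", []):
            patterns = rule.get("Resource", [])
            if not any(fnmatch.fnmatchcase(resource, p) for p in patterns):
                continue
            for perm in rule.get("Permission", []):
                # A permission entry may be a wildcard such as "aoss:*".
                granted.update(n for n in needed
                               if fnmatch.fnmatchcase(n, perm))
    if not principal_seen:
        return [f"principal not listed: {principal_arn}"]
    missing = sorted(set(needed) - granted)
    if missing:
        return [f"missing on {resource}: {', '.join(missing)}"]
    return []
```

Pass the role's IAM ARN (`arn:...:iam::...:role/...`) as `principal_arn` when checking a Lambda function.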