Thursday, August 04, 2016

Trust Relationship and Policies for AWS API Gateway and Lambdas

Your Policy for the lambda should set up everything your lambda is allowed to do. This includes passing a role.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1470153553000",
            "Effect": "Allow",
            "Action": [
                "dynamodb:*"
            ],
            "Resource": [
                "arn:aws:dynamodb:us-west-2:439753510372:table/YoYoDyne_Products"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "lambda:InvokeFunction"
            ],
            "Resource": [
                "*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": [
                "arn:aws:logs:*:*:*"
            ]
        },
        {
            "Sid": "Stmt1449789105000",
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}
Your policy also needs to have a trust relationship.
{
   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "",
           "Effect": "Allow",
           "Principal": {
               "Service": ["lambda.amazonaws.com", "apigateway.amazonaws.com"]
           },
           "Action": "sts:AssumeRole"
       }
   ]
}

3 comments:

likitha said...

Thank you for your guide to with upgrade information about AWS keep update at
AWS Online Course

maha said...
This comment has been removed by the author.
maha said...

Good Post! it was so good to read and useful to improve my knowledge as an updated one, keep blogging. After seeing your article I want to say that also a well-written article with some very good information which is very useful for the readers....thanks for sharing it and do share more posts like this.

Digital Marketing Training in Chennai

Digital Marketing Course in Chennai