Give AWS Lambda an AWS Managed Policy with CDK

Time:01-27

I have a Lambda function defined in CDK. I'm using this Lambda to invoke a State Machine and for that I would need to provide it some Policies. The way I tried was the following:

const stepFunctionsPolicy = new PolicyStatement({
  effect: Effect.ALLOW,
  actions: ["states:*"],
  resources: ['*']
})

MachineLambda.addToRolePolicy(stepFunctionsPolicy) // Added the Policy to the Lambda's Role

This is a workaround, but ideally, I would like to provide AWS Managed Policies, instead of manually defining each policy, to this Lambda function (specifically the AWSStepFunctionsFullAccess)?

CodePudding user response:

The question specifically asks how to add the AWSStepFunctionsFullAccess managed policy to the Lambda's role. This allows the Lambda to perform CRUD operations on all step functions:

machineLambda.role?.addManagedPolicy(
   iam.ManagedPolicy.fromAwsManagedPolicyName("AWSStepFunctionsFullAccess")
);

Consider granting the Lambda narrow permissions instead, following the IAM least privilege permissions security best practice:

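// grantStartExecution allows states:StartExecution on this state machine only; grantExecution takes explicit actions and covers executions.
myStateMachine.grantStartExecution(machineLambda);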
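
As an added example (not part of the original question or answer), this TypeScript check scans a synthesized CloudFormation template for the two broad grants shown on this page and leaves a grant scoped to `states:StartExecution` on one state machine alone. The template contents, resource names and function names are assumptions constructed for illustration.

```typescript
// Added example: audit a synthesized template (plain JSON) for broad Step Functions grants.
// All identifiers below are hypothetical; the sample template is constructed.
type Finding = { resource: string; issue: string };

// Flatten intrinsic values such as {"Fn::Join": ["", [...]]} into text for a suffix match.
function flatten(v: unknown): string {
  if (typeof v === "string") return v;
  if (Array.isArray(v)) return v.map(flatten).join("");
  if (v && typeof v === "object") {
    const o = v as Record<string, unknown>;
    return Object.keys(o).map((k) => flatten(o[k])).join("");
  }
  return "";
}

// IAM allows a single value or a list for Action/Resource; normalise to a list.
const asArray = (v: unknown): unknown[] => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

function auditStepFunctionsGrants(template: { Resources: Record<string, any> }): Finding[] {
  const findings: Finding[] = [];
  for (const id of Object.keys(template.Resources)) {
    const res = template.Resources[id];
    if (res.Type === "AWS::IAM::Role") {
      for (const arn of asArray(res.Properties?.ManagedPolicyArns)) {
        if (/:iam::aws:policy\/AWSStepFunctionsFullAccess$/.test(flatten(arn)))
          findings.push({ resource: id, issue: "managed policy AWSStepFunctionsFullAccess attached" });
      }
    }
    if (res.Type === "AWS::IAM::Policy") {
      for (const stmt of asArray(res.Properties?.PolicyDocument?.Statement) as any[]) {
        if (stmt.Effect !== "Allow") continue;
        const broadAction = asArray(stmt.Action).some((a) => a === "states:*" || a === "*");
        const anyResource = asArray(stmt.Resource).some((r) => r === "*");
        if (broadAction && anyResource)
          findings.push({ resource: id, issue: 'wildcard Step Functions actions on Resource "*"' });
      }
    }
  }
  return findings;
}

// Constructed sample: the three grants from this page as they could appear after synthesis.
const sampleTemplate = {
  Resources: {
    RoleWithManagedPolicy: { Type: "AWS::IAM::Role", Properties: { ManagedPolicyArns: [
      { "Fn::Join": ["", ["arn:", { Ref: "AWS::Partition" }, ":iam::aws:policy/AWSStepFunctionsFullAccess"]] }] } },
    InlineWildcardPolicy: { Type: "AWS::IAM::Policy", Properties: { PolicyDocument: { Statement: [
      { Action: "states:*", Effect: "Allow", Resource: "*" }] } } },
    ScopedPolicy: { Type: "AWS::IAM::Policy", Properties: { PolicyDocument: { Statement: [
      { Action: "states:StartExecution", Effect: "Allow", Resource: { Ref: "MyStateMachine" } }] } } },
  },
};

console.log(auditStepFunctionsGrants(sampleTemplate));
```

Run against the JSON template that `cdk synth` writes, a check like this can fail a pipeline before an over-broad role is deployed.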