1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
Secrets Manager uses a Lambda function to rotate a secret. The Lambda function has a resource policy that allows Secrets Manager to invoke it. Secrets Manager calls the Lambda function by invoking an IAM execution role attached to the Lambda function. Permissions for the Lambda function are granted through the IAM execution role as inline policies. If you turn on rotation by using the Secrets Manager console, the Lambda function, resource policy, execution role, and execution role inline policies are created for you.
You can read up more here.
con risposta 2 anni fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
Thanks. But when the Lambda finally runs, it must authenticate in the database as a user, right? My question is about the permissions that user needs in MySQL (given by the
GRANT
statement)?