1 Answer
0
Secrets Manager uses a Lambda function to rotate a secret. The Lambda function has a resource policy that allows Secrets Manager to invoke it. Secrets Manager calls the Lambda function by invoking an IAM execution role attached to the Lambda function. Permissions for the Lambda function are granted through the IAM execution role as inline policies. If you turn on rotation by using the Secrets Manager console, the Lambda function, resource policy, execution role, and execution role inline policies are created for you.
You can read up more here.
Answered 2 years ago
Thanks. But when the Lambda finally runs, it must authenticate in the database as a user, right? My question is about the permissions that user needs in MySQL (given by the GRANT statement)?
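The Lambda resource policy described in the answer above can be checked offline. This is an added example, not part of the original thread or AWS's own code. The sample policies, account ID and function ARN are constructed placeholders, and the `aws:SourceAccount` check is an extra hardening assumption that the answer does not state.

```python
import json

SM = "secretsmanager.amazonaws.com"

def as_list(v):
    return v if isinstance(v, list) else [v]

def sample_policy(service, source_account=None):
    """Build a constructed policy; the ARN and account ID are placeholders."""
    st = {"Sid": "SecretsManagerAccess", "Effect": "Allow",
          "Principal": {"Service": service}, "Action": "lambda:InvokeFunction",
          "Resource": "arn:aws:lambda:us-east-1:111122223333:function:rotate-mysql"}
    if source_account:
        st["Condition"] = {"StringEquals": {"AWS:SourceAccount": source_account}}
    return json.dumps({"Version": "2012-10-17", "Statement": [st]})

def check_rotation_policy(policy_json, account_id):
    """Return findings for a Lambda resource policy; an empty list means OK."""
    findings, sm_can_invoke = [], False
    for st in as_list(json.loads(policy_json).get("Statement", [])):
        actions = [a.lower() for a in as_list(st.get("Action", []))]
        if st.get("Effect") != "Allow" or not any(
                a in ("lambda:invokefunction", "lambda:*", "*") for a in actions):
            continue
        sid, principal = st.get("Sid", "<no Sid>"), st.get("Principal", {})
        if not isinstance(principal, dict):
            principal = {"AWS": principal}  # "Principal": "*" shorthand
        if "*" in as_list(principal.get("AWS", [])):
            findings.append(f"{sid}: any principal may invoke the function")
            continue
        if SM not in as_list(principal.get("Service", [])):
            continue
        sm_can_invoke = True
        # Condition keys are case-insensitive, so compare them lowercased.
        eq = {k.lower(): v for k, v in
              st.get("Condition", {}).get("StringEquals", {}).items()}
        if account_id not in as_list(eq.get("aws:sourceaccount", [])):
            findings.append(f"{sid}: invoke not limited to account {account_id}")
    if not sm_can_invoke:
        findings.append(f"no statement allows {SM} to invoke the function")
    return findings

if __name__ == "__main__":
    acct = "111122223333"  # placeholder account ID
    for pol in (sample_policy(SM, acct), sample_policy(SM),
                sample_policy("events.amazonaws.com", acct)):
        print(check_rotation_policy(pol, acct) or "OK")
```
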