Hello. I have a Java lambda function where I'm attempting to post a websocket message to the API Gateway. I'm getting the following exception:
com.amazonaws.services.apigatewaymanagementapi.model.AmazonApiGatewayManagementApiException: User: arn:aws:sts::413853753523:assumed-role/ConversationProc/WebsocketHandler is not authorized to perform: execute-api:ManageConnections on resource: arn:aws:execute-api:us-east-2:********3523:<API ID>/dev/POST/@connections/{connectionId} (Service: AmazonApiGatewayManagementApi; Status Code: 403; Error Code: AccessDeniedException; Request ID: 6f882ee6-3c65-11e9-973a-873e7d03048e)
However, I have an IAM policy configured for the role ConversationProc that should provide full access to execute-api:
"execute-api:*",
Any idea why I'm still being rejected?
AWS 공식업데이트됨 일 년 전
