Need assistance in comprehending the process of utilizing "assume role" to access CloudWatch metrics and subsequently save them in an S3 bucket.

0

Hi Team- I need assistance with using "assume role" to access CloudWatch metrics, retrieve the necessary data, and save it to an S3 bucket. I've created a Python script for this purpose, but I'm facing issues as no data is being successfully stored in S3. Can anyone guide me on how to accomplish this task?

Code Link: https://tiny.amazon.com/oyoebtv3/paste

1 Answer
0

Good morning!

You need to make sure your lambda role have permission in its policy to the following APIs:

To pull the metric data out of CloudWatch ListMetrics GetMetricData GetMetricStatistics

AND

To write into S3 give it a look to the example below, it will show you the permissions you need:

S3 Example : https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_s3_rw-bucket.html

Also, if your lambda is going cross account make sure you have a role with those permissions in the other account that can be assume by the account where your lambda lives.

AWS
Oscar D
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions