Need assistance in comprehending the process of utilizing "assume role" to access CloudWatch metrics and subsequently save them in an S3 bucket.


Hi Team- I need assistance with using "assume role" to access CloudWatch metrics, retrieve the necessary data, and save it to an S3 bucket. I've created a Python script for this purpose, but I'm facing issues as no data is being successfully stored in S3. Can anyone guide me on how to accomplish this task?

Code Link:

1 Answer

Good morning!

You need to make sure your lambda role have permission in its policy to the following APIs:

To pull the metric data out of CloudWatch ListMetrics GetMetricData GetMetricStatistics


To write into S3 give it a look to the example below, it will show you the permissions you need:

S3 Example :

Also, if your lambda is going cross account make sure you have a role with those permissions in the other account that can be assume by the account where your lambda lives.

Oscar D
answered 12 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions