1 Answer
- Newest
- Most votes
- Most comments
0
Good morning!
You need to make sure your lambda role have permission in its policy to the following APIs:
To pull the metric data out of CloudWatch ListMetrics GetMetricData GetMetricStatistics
AND
To write into S3 give it a look to the example below, it will show you the permissions you need:
S3 Example : https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_s3_rw-bucket.html
Also, if your lambda is going cross account make sure you have a role with those permissions in the other account that can be assume by the account where your lambda lives.
- Here it's a good example: https://repost.aws/knowledge-center/lambda-function-assume-iam-role
answered a year ago
Relevant content
- Accepted Answerasked 7 years ago
- asked 10 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 3 years ago