
Cross-account Lambda Invocation

0

I have a main management account and I want to access information in another account through a Lambda function. Let an imaginary use case be pushing an object into an S3 bucket in the main account which contains S3 bucket information of all the sub-accounts. How would I achieve this if the whole system is managed by AWS Organizations?

1 Answer
1
Accepted Answer

Hello.

I think the following documentation will be helpful.
To access S3 in another account from Lambda in the main account, you need to set the S3 bucket policy to allow Lambda's IAM role.
https://repost.aws/knowledge-center/access-denied-lambda-s3-bucket

Alternatively, you can access the S3 bucket by configuring the Lambda IAM role to assume the IAM role of the AWS account that owns the S3 bucket, as described in the following document.
https://repost.aws/knowledge-center/lambda-function-assume-iam-role

EXPERT
answered a year ago
EXPERT
reviewed a year ago
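
Both options from the answer above, as an added example (not part of the original answer or of the linked AWS articles): the policy documents each account needs, plus the assume-role call with boto3. The account IDs, role names and bucket name are constructed placeholders.

```python
import json

# Constructed placeholder values (assumptions, not from the original post).
LAMBDA_ROLE = "arn:aws:iam::111111111111:role/main-account-lambda-role"
TARGET_ROLE = "arn:aws:iam::222222222222:role/bucket-account-s3-role"
BUCKET = "example-sub-account-bucket"

def _doc(*statements):
    return {"Version": "2012-10-17", "Statement": list(statements)}

def bucket_policy(lambda_role_arn, bucket):
    """Option 1, bucket-owner side: bucket policy that names only the Lambda role."""
    return _doc({"Sid": "AllowMainAccountLambda", "Effect": "Allow",
                 "Principal": {"AWS": lambda_role_arn},
                 "Action": "s3:PutObject",
                 "Resource": f"arn:aws:s3:::{bucket}/*"})

def trust_policy(lambda_role_arn):
    """Option 2, bucket-owner side: trust policy on the role the Lambda will assume."""
    return _doc({"Effect": "Allow", "Principal": {"AWS": lambda_role_arn},
                 "Action": "sts:AssumeRole"})

def lambda_role_policy(bucket=None, target_role_arn=None):
    """Main-account side: the Lambda role must itself allow the cross-account call."""
    stmts = []
    if bucket:           # option 1: direct access, also needs the bucket policy above
        stmts.append({"Effect": "Allow", "Action": "s3:PutObject",
                      "Resource": f"arn:aws:s3:::{bucket}/*"})
    if target_role_arn:  # option 2: permission to assume the other account's role
        stmts.append({"Effect": "Allow", "Action": "sts:AssumeRole",
                      "Resource": target_role_arn})
    return _doc(*stmts)

def put_via_assumed_role(role_arn, bucket, key, body):
    """Option 2 at run time: assume the role, then write with its temporary credentials."""
    import boto3  # imported lazily so the policy builders run without the SDK
    creds = boto3.client("sts").assume_role(
        RoleArn=role_arn, RoleSessionName="cross-account-put")["Credentials"]
    s3 = boto3.client("s3",
                      aws_access_key_id=creds["AccessKeyId"],
                      aws_secret_access_key=creds["SecretAccessKey"],
                      aws_session_token=creds["SessionToken"])
    return s3.put_object(Bucket=bucket, Key=key, Body=body)

if __name__ == "__main__":
    for doc in (bucket_policy(LAMBDA_ROLE, BUCKET), trust_policy(LAMBDA_ROLE),
                lambda_role_policy(BUCKET, TARGET_ROLE)):
        print(json.dumps(doc, indent=2))
```

With option 2, the assumed role in the bucket-owning account also needs its own permissions policy allowing `s3:PutObject` on the bucket.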
