There are too many steps to describe here in detail. Here is a great article that helped me with this situation: https://medium.com/@tturnbull/passing-data-between-lambdas-with-aws-step-functions-6f8d45f717c3
Hope this helps, if so please accept this answer.
Hi, there are multiple security / compliance reasons why you don't want to share such an STS token: traceability, least privilege, etc.
So, why don't you individually grant each Lambda of your Step Function the rights to do what it needs to do in a role specific to this Lambda?
You will probably be much better off going down this path.
This short article provides good guidance on this approach: https://serverlessland.com/content/service/lambda/guides/aws-lambda-operator-guide/specialized-all-purpose
Best,
Didier
@Didier Thanks for the quick response. In my current design, I generate separate tokens within the individual lambda. I wasn't sure if that is best practice or if I should consider any other approach of creating a common class and using it in each lambda.
Hi @Bryant Thanks for your response. I already use the event to pass the data from one lambda to another in the Step function. But I am more interested in sharing the STS token and do not want to pass it with output as this will be logged in the state machine logs.
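Added example, not part of the original thread: a guard a Lambda handler could call on its return value so that STS credentials never end up in the Step Functions state output, and therefore never in the state machine logs, which fits the advice above to let each function work under its own role. The function names and sample payloads are hypothetical and constructed for illustration; the minimum key-ID length in the pattern is an assumption chosen to limit false positives.

```python
import re

# Key names used in the Credentials structure that STS returns.
CREDENTIAL_KEYS = {"accesskeyid", "secretaccesskey", "sessiontoken"}
# Temporary (STS-issued) access key IDs start with the prefix "ASIA".
TEMP_KEY_ID = re.compile(r"\bASIA[A-Z0-9]{12,}\b")


def find_credential_paths(payload, path="$"):
    """Return JSONPath-style locations in a task output that look like STS credentials."""
    hits = []
    if isinstance(payload, dict):
        for key, value in payload.items():
            child = f"{path}.{key}"
            if key.replace("_", "").lower() in CREDENTIAL_KEYS:
                hits.append(child)  # flag by key name, whatever the value is
            else:
                hits.extend(find_credential_paths(value, child))
    elif isinstance(payload, list):
        for i, item in enumerate(payload):
            hits.extend(find_credential_paths(item, f"{path}[{i}]"))
    elif isinstance(payload, str) and TEMP_KEY_ID.search(payload):
        hits.append(path)  # a key ID embedded in free text
    return hits


def safe_task_output(payload):
    """Raise instead of returning an output that would put credentials in the state."""
    hits = find_credential_paths(payload)
    if hits:
        raise ValueError("credentials in task output at: " + ", ".join(hits))
    return payload


# Constructed sample outputs (placeholder values, not real credentials).
CLEAN = {"orderId": "1234", "status": "VALIDATED"}
LEAKY = {
    "orderId": "1234",
    "auth": {"Credentials": {"AccessKeyId": "ASIAEXAMPLEEXAMPLE00",
                             "SecretAccessKey": "constructed-placeholder",
                             "SessionToken": "constructed-placeholder"}},
    "notes": ["retry with ASIAEXAMPLEEXAMPLE00"],
}
```

A handler would end with `return safe_task_output(result)`, so a leaking output fails the task instead of being written to the execution history.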