AWS Secrets Manager InvalidRequestException when enabling rotation with cross account lambda on schedule

0

When trying to use a cross account Lambda function (i.e. secret is in Account A and Lambda in Account B) for secret rotation with a set schedule e.g. 90 days the API returns the below error code and message:

InvalidRequestException: The AWS account that owns the Lambda function isn't the AWS account that's trying to invoke the function.

This only occurs if you use the --rotation-rules option to rotate-secret i.e. you can enable rotation without setting rotation rules.

Is this by design or an issue?

matt
asked a year ago132 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions