- Newest
- Most votes
- Most comments
Finally i got it as working
1] role itself added to trusted entities of the role assigned to ec2. 2] From the instance using assume role-generated credentials. 3] used those credentials to generate AWSSIGv4 4] Invoked lambda function url with AWSSIGv4 in lambda function url Auth type iam and resource-based identity permission set with the role in step1.
You need to do the same thing as with an IAM user. You get the Role's credentials and you use them to SigV4 sign the request.
I already tried that way by getting a temporary access key and secret of the IAM role and then used it for generating AWSSIGv4. But got "The security token included in the request is invalid."
Note:- used the key and secret here curl http://169.254.169.254/latest/meta-data/iam/security-credentials/$role to generate AWSSIGv4
Relevant content
- asked a year ago
- asked a month ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago