By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Invoke Lambda function URL

0

How I can invoke a lambda function URL with IAM role? I know how it can be invoked using Auth type as IAM_USER by generating AWSSIGv4.

But not sure or have the step to use the same with an assigned Iam role instead of iam user. Suppose i enable lambda url Auth type as IAM instead of None. Then in the resource-based permission granted function url invoke by using an IAM role X. Then I assigned the iam role X to an EC2 instance.

In this case, what do I need to do to invoke the lambda function URL from the ec2 instance?

Topics
ServerlessComputeSecurity, Identity, & Compliance
Tags
AWS LambdaIAM Policies
Language
English
Manu Sabu
asked a year ago732 views
3 Answers
0
Accepted Answer

Finally i got it as working

1] role itself added to trusted entities of the role assigned to ec2. 2] From the instance using assume role-generated credentials. 3] used those credentials to generate AWSSIGv4 4] Invoked lambda function url with AWSSIGv4 in lambda function url Auth type iam and resource-based identity permission set with the role in step1.

Manu Sabu
answered a year ago
profile picture
EXPERT
Giovanni Lauria
reviewed 5 days ago
0

You need to do the same thing as with an IAM user. You get the Role's credentials and you use them to SigV4 sign the request.

profile pictureAWS
EXPERT
Uri
answered a year ago
0

I already tried that way by getting a temporary access key and secret of the IAM role and then used it for generating AWSSIGv4. But got "The security token included in the request is invalid."

Note:- used the key and secret here curl http://169.254.169.254/latest/meta-data/iam/security-credentials/$role to generate AWSSIGv4

Manu Sabu
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content