1 回答
- 最新
- 投票最多
- 评论最多
0
Secrets Manager uses a Lambda function to rotate a secret. The Lambda function has a resource policy that allows Secrets Manager to invoke it. Secrets Manager calls the Lambda function by invoking an IAM execution role attached to the Lambda function. Permissions for the Lambda function are granted through the IAM execution role as inline policies. If you turn on rotation by using the Secrets Manager console, the Lambda function, resource policy, execution role, and execution role inline policies are created for you.
You can read up more here.
已回答 2 年前
相关内容
- AWS 官方已更新 10 个月前
- AWS 官方已更新 2 年前
Thanks. But when the Lambda finally runs, it must authenticate in the database as a user, right? My question is about the permissions that user needs in MySQL (given by the
GRANT
statement)?