Describe RDS Snapshot from a different account

Is it possible to describe and remove snapshots within account B using a Lambda function from account A? If so, what IAM permissions are required on what account?

主题

无服务器计算安全、身份和合规性

标签

AWS Lambda IAM 策略

语言

English

Aaron

已提问 2 个月前205 查看次数

1 回答

最新
投票最多
评论最多

这些答案有用吗？为正确答案投票，以帮助社区从您的知识中受益。

已接受的回答

Best practice would be for your lambda function to assume a role in account B from Account A. Make sure the Role in account B has the correct IAM permissions that allows it to perform actions on snapshots.

Account A lambda execution role will need STS Assume permissions against role in Account B.

专家

Gary Mclean

已回答 2 个月前

支持工程师

Yokesh NK

已审核 2 个月前

Aaron
2 个月前
Thanks Gary, much appreciated. I got it working.

Describe RDS Snapshot from a different account

相关内容