Describe RDS Snapshot from a different account

Is it possible to describe and remove snapshots within account B using a Lambda function from account A? If so, what IAM permissions are required on what account?

主題

無伺服器運算安全性、身分識別與合規

標籤

AWS Lambda IAM 政策

語言

English

Aaron

已提問 2 個月前檢視次數 205 次

1 個回答

最新
最多得票
最多評論

這些答案是否有幫助？支持正確答案，以幫助社區從您的知識中受益。

已接受的答案

Best practice would be for your lambda function to assume a role in account B from Account A. Make sure the Role in account B has the correct IAM permissions that allows it to perform actions on snapshots.

Account A lambda execution role will need STS Assume permissions against role in Account B.

專家

Gary Mclean

已回答 2 個月前

支援工程師

Yokesh NK

已審閱 2 個月前

Aaron
2 個月前
Thanks Gary, much appreciated. I got it working.

Describe RDS Snapshot from a different account

相關內容