1 個回答
- 最新
- 最多得票
- 最多評論
0
Hello.
What IAM policy is set for the IAM role configured on Lambda?
If you are using rotation to update secrets, you will need a policy called "secretsmanager:RotateSecret".
If you want to update as is, the policy "secretsmanager:UpdateSecret" is required.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html
相關內容
AWS 官方已更新 1 年前- AWS 官方已更新 2 年前
So this script will eventually become the update script called by the rotation process, however, for testing I gave it full write permissions: Allow: secretsmanager:GetSecretValue Allow: secretsmanager:StopReplicationToReplica Allow: secretsmanager:ListSecretVersionIds Allow: secretsmanager:DeleteSecret Allow: secretsmanager:ReplicateSecretToRegions Allow: secretsmanager:RemoveRegionsFromReplication Allow: secretsmanager:DescribeSecret Allow: secretsmanager:PutSecretValue Allow: secretsmanager:UpdateSecretVersionStage Allow: secretsmanager:RestoreSecret Allow: secretsmanager:CreateSecret Allow: secretsmanager:UpdateSecret Allow: secretsmanager:CancelRotateSecret Allow: secretsmanager:GetResourcePolicy Allow: secretsmanager:RotateSecret