Is it possible to configure an S3 bucket to run a Lambda function created in a different account? Basically, what I'm trying to accomplish is that when new items are added to an S3 bucket, I want to run a Lambda function in another account.
To have your Amazon S3 bucket invoke a Lambda function in another AWS account, do the following: 1. Update your Lambda function's resource-based permissions policy to grant invoke permission to Amazon S3.
You can create a Role in account B and permit your User (in account A) to assume it. Create a Role in account A that will be used by your AWS Lambda function. Create a Role in account B with a role type of Role for Cross-Account Access. Assign the desired permissions to use Route 53 in account B.
You can do this by providing the full Lambda Function ARN to your S3 bucket. For example, inside your bucket settings in the AWS Console:
This article will help you configure the correct IAM for cross account invocation. Also take a look at the AWS Lambda Permissions Model. Note that as far as I know the bucket and the Lambda function have to be in the same region!
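The two documents involved in the setup described above, as an added example that is not part of the original answers: the resource-based policy statement on the function (in the function owner's account) and the notification configuration on the bucket (in the bucket owner's account), plus a small audit of the statement. The account IDs, bucket name, function name and region are constructed placeholders, and the helper names are hypothetical.

```python
import json

# Constructed sample values (assumptions, not from the page).
BUCKET, BUCKET_OWNER, BUCKET_REGION = "example-upload-bucket", "111111111111", "us-east-1"
FUNCTION_ARN = "arn:aws:lambda:us-east-1:222222222222:function:process-upload"

def s3_invoke_statement(function_arn, bucket, bucket_owner):
    """Statement for the function's resource-based policy (function owner's account)."""
    return {
        "Sid": "AllowS3Invoke",
        "Effect": "Allow",
        "Principal": {"Service": "s3.amazonaws.com"},
        "Action": "lambda:InvokeFunction",
        "Resource": function_arn,
        # Bucket ARNs carry no account ID, so pin the owning account as well;
        # otherwise a same-named bucket in another account would also match.
        "Condition": {
            "StringEquals": {"AWS:SourceAccount": bucket_owner},
            "ArnLike": {"AWS:SourceArn": f"arn:aws:s3:::{bucket}"},
        },
    }

def notification_configuration(function_arn, events=("s3:ObjectCreated:*",)):
    """Notification configuration for the bucket (bucket owner's account)."""
    return {"LambdaFunctionConfigurations": [
        {"LambdaFunctionArn": function_arn, "Events": list(events)}]}

def audit(statement, bucket, bucket_owner, bucket_region):
    """Return the problems found in a statement that lets S3 invoke the function."""
    problems = []
    # Condition operators and keys are case-insensitive in IAM policies.
    cond = {op.lower(): {k.lower(): v for k, v in keys.items()}
            for op, keys in statement.get("Condition", {}).items()}
    if statement.get("Principal") != {"Service": "s3.amazonaws.com"}:
        problems.append("principal is not the S3 service")
    if cond.get("stringequals", {}).get("aws:sourceaccount") != bucket_owner:
        problems.append("aws:SourceAccount does not pin the bucket owner")
    if cond.get("arnlike", {}).get("aws:sourcearn") != f"arn:aws:s3:::{bucket}":
        problems.append("aws:SourceArn does not pin the bucket")
    # Region is the fourth field of the function ARN; it must match the bucket's.
    if statement["Resource"].split(":")[3] != bucket_region:
        problems.append("function and bucket are in different regions")
    return problems

if __name__ == "__main__":
    stmt = s3_invoke_statement(FUNCTION_ARN, BUCKET, BUCKET_OWNER)
    print(json.dumps(stmt, indent=2))
    print(json.dumps(notification_configuration(FUNCTION_ARN), indent=2))
    print(audit(stmt, BUCKET, BUCKET_OWNER, BUCKET_REGION) or "statement looks scoped")
```

The statement must be in place on the function before the bucket owner saves the notification configuration, since S3 validates the destination when the configuration is written.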