英文:
AWS API Gateway : Allowing access to API from a lamba function in another AWS account
问题
我已创建了一个使用Lambda和API Gateway的REST API。
我想要为这个API授予另一个在另一个AWS帐户中运行的Lambda函数访问权限。
我考虑创建此API的基于IAM的授权
。但我不确定跨AWS帐户的IAM授权是否可行?
有更好的建议吗?
英文:
I have created a REST API using lambda and API gateway.
I want to give access for this API to another lambda function which is running in another AWS account.
I was thinking to create IAM based authorisation
for this API. But I am not sure if this cross-AWS account based IAM authorisation is feasible?
Any better suggestions?
答案1
得分: 1
你可以在目标帐户中扮演一个角色,然后使用临时凭证直接调用Lambda函数。这种方法不需要与API网关集成。
如果API是公开可用的,你还可以从任何地方使用IAM身份验证。你将需要存储指定的凭证。
参考链接:
https://aws.amazon.com/premiumsupport/knowledge-center/lambda-function-assume-iam-role/
英文:
You can assume a role in the target account and then invoke the lambda directly using the temporary credentials. This method does not require an integration with API gateway.
You can also use IAM Authentication from anywhere if the API is publicly available. You will have to store the designated credentials.
Reference:
https://aws.amazon.com/premiumsupport/knowledge-center/lambda-function-assume-iam-role/
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论