skip to Main Content

I have created a basic lambda with lambda function url.

auth_type = aws_iam

allowed permissions for ec2 role in lambda resource based policy.

created a role to ec2 instance with full lambda permissions in the policy and attached it to the ec2 instance.

While invoking it from ec2 as below its getting forbidden error.

curl "https://<url-id>.lambda-url.<region>.on.aws"

I have tried with auth_type as none. Its working, but not working when i try with auth_type as aws_iam.

2

Answers


  1. As explained in the docs, to invoke a lambda url with AWS_IAM, you have to sign your url request by constracting special URL which has your signature. Please check docs on how to construct a valid signature for URL requests.

    Login or Signup to reply.
  2. Just to add more details to the previous answer, you can invoke Lambda URL using the following command:

    curl --aws-sigv4 "aws:amz:<REGION>:lambda" 
          --user "<ACCESS-KEY-ID>:<SECRET-KEY-ID>" 
          'https://<URL-ID>.lambda-url.<REGION>.on.aws/?message=HelloWorld' 
          -H 'content-type: application/json' 
          -d '{ "key": "value" }'
    

    I added frequently used parameters to the request in case you need to pass them as well.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search