How should the developer resolve this issue?

A developer is building an event-driven application by using AWS Lambda and Amazon EventBridge.The Lambda function needs to push events to an EventBridge event bus.The developer uses an SDK to run the PutEvents EventBridge action and specifies no credentials in the code.After deploying the Lambda function, the developer notices that the function is failing and there are AccessDeniedException errors in the logs.

How should the developer resolve this issue?

Configure a VPC peering connection between the Lambda function and EventBridge.

Modify their AWS credentials to include permissions for the PutEvents EventBridge action.

Modify the Lambda function execution role to include permissions for the PutEvents EventBridge action.

Add a resource-based policy to the Lambda function to include permissions for the PutEvents EventBridge action.

Explanations:

A VPC peering connection is not relevant for accessing EventBridge from Lambda. EventBridge is a regional service that can be accessed over the internet, so network connectivity issues typically do not arise.

Modifying AWS credentials is not the right approach here, as the Lambda function runs under an execution role, not with hard-coded credentials. Permissions need to be assigned to this execution role instead.

The Lambda function execution role must have permissions to invoke the PutEvents action on EventBridge. By modifying this role to include the necessary permissions, the AccessDeniedException will be resolved.

Resource-based policies are used to grant permissions directly to a resource, like allowing EventBridge to invoke a Lambda function. However, they do not apply in this scenario where Lambda needs permission to put events into EventBridge.

Learn & move to cloud

How should the developer resolve this issue?

Explanations:

Leave a Reply Cancel reply