Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
b
better-translator-47169
05/26/2023, 1:50 AMHello all. I am trying to deploy a lambda (A) and inside that lambda invoke another already existing lambda (B). When I invoke A, and check A's logs, it tells me that the user used to deploy the lambdas (as in the Pulumi provider) is not authorized to perform: lambda:InvokeFunction on resource: B. I am wondering why it is trying to use the Pulumi user to invoke B instead of the role that it has configured already on A. No permissions that I add on A's role seem to do anything. The lambda seems determined to try and use the Pulumi provider user to invoke. Anyone encounter this?
For those wondering, I was attempting to use the invoke method on an aws.sdk.Lambda service object, but the problem was that I was instantiating this outside of the lambda in the pulumi code, hence it was using a service object constructed by the provider user. Moving the call to instantiate inside of the lambda fixed this.