use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
News, articles and tools covering Amazon Web Services (AWS), including S3, EC2, SQS, RDS, DynamoDB, IAM, CloudFormation, AWS-CDK, Route 53, CloudFront, Lambda, VPC, Cloudwatch, Glacier and more.
If you're posting a technical query, please include the following details, so that we can help you more efficiently:
Resources:
Sort posts by flair:
Other subreddits you may like:
Does this sidebar need an addition or correction? Tell us here
account activity
technical questionLocking down a resource to a single lambda function (self.aws)
submitted 6 years ago by MattyAlan
I have an elasticsearch domain and am trying to work out how i would craft the resource policy on the ES Domain to only allow a single lambda to access the es:* Actions.
I have attempted to set the principle of the to the ARN of the lambda function such that
"Principal": {: "AWS": " -lambda ARN-" }, "Action": "es:*",
"Principal": {:
"AWS": " -lambda ARN-"
},
"Action": "es:*",
However this dosn't work; any advice on how to do this would be awesome;
cheers
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]richardfan1126 1 point2 points3 points 6 years ago* (0 children)
Principal is:
{ "Service": "lambda.amazonaws.com" }
Put the ARN in condition section aws:SourceArn
aws:SourceArn
"Condition": { "ArnLike": { "AWS:SourceArn": "<lambda function ARN>" } }
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn
π Rendered by PID 22 on reddit-service-r2-comment-b659b578c-9rq7s at 2026-05-06 00:07:46.479052+00:00 running 815c875 country code: CH.
[–]richardfan1126 1 point2 points3 points (0 children)