I suppose that it is not a secret now that Serverless is quite popular nowadays. I still prefer to use a more old-school approach with the classic applications (in my case Rails apps) but it turned out quite convenient in some cases.
So what was the task:
- write the Lambda that should read data from the Athema table and check and do some stuff.
When you create a lambda by default it has very limited permissions. If you want your lambda to make requests to Athena tables you need to add next permissions:
- "athena:StartQueryExecution"
- "athena:GetQueryExecution"
- "athena:GetQueryResults"
- "athena:GetDataCatalog"
that allows a lambda call athens APIs, but probably you will need to add more: permissions for S3 and in some cases for Glue.
But if you have datacatalog that reflects any RDS tables you have to add special permission:
- "lambda:InvokeFunction"
because access to RDS tables happens via a special lambda connector. Unfortunately, the error message doesn't explicitly say about it, requests just fail if a lambda doesn't have this permission.
Top comments (0)