0

Somehow my AWS Access Key and Secret Access Key became public. I figured out where the vulnerability came from and fixed it. However, I still needed to change my access keys. So, I created new keys and made the old ones inactive.

Now I cannot edit, create, or remove any of my Lambda functions. I get a Request 403 error every time. All of the other AWS services I use (S3, EC2, DynamoDB, etc.) work perfectly fine. I have even tried making the old keys active while deactivating the new keys and I still have the issue.

Anyone else run into this issue or have any ideas how to fix this? I checked security groups and permissions on the Lambdas and I should have access to them all as I am the root user and overall administrator for the account.

bwc
  • 1,732
  • 1
  • 14
  • 27
  • Are you editing etc. in the console or via the CLI? – Robert Kossendey Nov 10 '20 at 08:12
  • @RobertKoss I’ve been doing both, but only console for lambda specific tasks. Only really using CLI for standing up my EC2 instances – bwc Nov 10 '20 at 08:32
  • 5
    The access and secret keys are only for CLI and SDK use, not console. You should also change your IAM user password for console. – Marcin Nov 10 '20 at 08:37
  • It sounds like the failure to modify your Lambda functions is unrelated to your credential rotation. Check the policies associated with your IAM user and any resource policies on the Lambda functions. – jarmod Nov 10 '20 at 13:47
  • And a quick tip, it sounds like you are using the actual root account, which you should not! You should create a separate IAM user for yourself. – Robert Kossendey Nov 10 '20 at 13:55

0 Answers0