How to access secret manager with boto3 and rds-data

Asked Mar 22 '21 at 03:21

Active Mar 22 '21 at 03:21

Viewed 716 times

In a chalice route, I'm using boto3 to execute queries against my RDS Aurora Serverless DB cluster. This works as expected locally ($ chalice local) but when deployed on Lamdba I receive the error: An error occurred (BadRequestException) when calling the ExecuteStatement operation: Failed to fetch secret arn:aws:secretsmanager:us-west-2...

I've updated a variety of policies between the VPC following the instructions here https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html?icmpid=docs_lambda_help.

boto3.client('rds-data').execute_statement( resourceArn = cluster_arn, secretArn = secret_arn, database = 'XXX', sql = sql, # sql string )

asked Mar 22 '21 at 03:21

lovelikelando

7,593
6
32
50

1

Lambda function in VPC does not have access to internet, thus it will not access secret manager. Have you ensured access using NAT gateway or interface endpoints? – Marcin Mar 22 '21 at 03:29
1

I have configured both a private and public subnet for my VPC, created a couple new route tables, created the NAT and internet gateway, and then attached the lambda to the private VPC. https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/ – lovelikelando Mar 22 '21 at 04:50

How to access secret manager with boto3 and rds-data

0 Answers0