
I'm working on a lambda with AWS account A, and I need to access an S3 bucket under AWS account B, which is not managed by a CDK.

Lambda (A) -> S3 Bucket (B)

I know that I can log into B's account and manually add bucket policies to the S3 bucket to allow account A's access.

But how could I use Account A's CDK to automate this process, assuming that the S3 bucket under Account B isn't managed by any CDK?

ProtossShuttle
  • https://stackoverflow.com/a/60321373/13126651, it's a reference, modify it for cross-account and lambda as resource; for Python code, https://stackoverflow.com/a/68294998/13126651 – Jatin Mehrotra Feb 01 '22 at 03:17
  • @Jatin Thanks, does it work for cross-account scenario? CDK is under account A but the bucket is under account B – ProtossShuttle Feb 01 '22 at 03:19
  • I think it should work. My recommendation would be to first generate a cross-account policy and then try modifying the answer I gave. If it doesn't work, try asking over here https://chat.stackoverflow.com/rooms/214788/aws-chat, somebody will definitely help you – Jatin Mehrotra Feb 01 '22 at 03:20
  • I don't think you easily can. CDK uses CloudFormation to manage resources, but CloudFormation can't operate in more than one account at a time. Do it in the bucket automation. – erik258 Feb 01 '22 at 03:20

0 Answers