1

I am trying to call Amazon connect SDK Javascript V3 via lambda and my amazon connect instance is in another account. I am using sts assume role for cross-account access but i am having an error on resource not found. I am attaching my code so someone could help me. Thanks.

let { ConnectClient, SearchUsersCommand } = require("@aws-sdk/client-connect");

let { STSClient, AssumeRoleCommand } = require("@aws-sdk/client-sts");

let stsClient = new STSClient({ region: "eu-central-1" });


exports.handler = async function(event, context, callback) {

    let params;

    var stsParams = {
        RoleArn: "arn:aws:iam::xxxxxxxx:role/Cross-Account-Role",
        DurationSeconds: 1200,
        RoleSessionName: "RoleSessionName" // any string
    };
    let stsCommand = new AssumeRoleCommand(stsParams);
    const stsResp = await stsClient.send(stsCommand);
    console.log({ stsResp });
    let client = new ConnectClient({
        region: "eu-central-1",
        accessKeyId: stsResp.Credentials.AccessKeyId,
        secretAccessKey: stsResp.Credentials.SecretAccessKey,
        sessionToken: stsResp.Credentials.SessionToken,
    })
    // let client = await new ConnectClient(credentials);
    console.log({ client });

    params = {
        InstanceId: "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx",
        MaxResults: 100
    };

    const command = new SearchUsersCommand(params);
    console.log({command});

    const resp = await client.send(command);
    console.log({resp});

    console.log("Users list", resp);
}
Tayyab
  • 329
  • 1
  • 16

1 Answers1

4

var stsParams = {
            RoleArn: Role,
            DurationSeconds: 1200,
            RoleSessionName: RoleSessionName // any string
        };
        let stsCommand = new AssumeRoleCommand(stsParams);
        const stsResp = await stsClient.send(stsCommand);
        console.log({ stsResp });
        client = new ConnectClient({
            region: Region,
            credentials: {
                accessKeyId: stsResp.Credentials.AccessKeyId,
                secretAccessKey: stsResp.Credentials.SecretAccessKey,
                sessionToken: stsResp.Credentials.SessionToken,
            }
        })
Tayyab
  • 329
  • 1
  • 16
  • 3
    Thanks Tayyab. Anybody else running across this owes this guy a beer. Whatever religious zealotry of camel versus Pascal case would encourage Amazon to make you transform the credential case for the output of AssumeRole is beyond sanity. Tayyab, you ever make it to Texas, hit me up, beer and brisket on me. – Jason Mar 24 '23 at 22:33