AccessDeniedException InvokeFunction
rsavjani opened this issue · 0 comments
Background
Running latest version of StreamAlert with 1 cluster
Description
When AlertMerger invokes the alert processor it gets IAM access denied based on the policy StreamAlert created.
Its missing the :production tag on the policy. See below:
[ERROR] ClientError: An error occurred (AccessDeniedException) when calling the Invoke operation: User: arn:aws:sts::xxxxxxxxxxx:assumed-role/xxxxx_streamalert_alert_merger_role/xxxxxx_streamalert_alert_merger is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:eu-west-2:xxxxxxxxx:function:xxxxxx_streamalert_alert_processor:production because no identity-based policy allows the lambda:InvokeFunction action
Steps to Reproduce
Do action that triggers a rule
Desired Change
Code change to fix IAM policy