'Sending data to AWS Kinesis stream cross-accounts with Lambda
I'm trying to send data to a Kinesis stream from 1 AWS account to another account with Lambda. I tried to use assume-role and my code is:
assumed_role_object = self.sts_client.assume_role(
RoleArn="arn:aws:iam::XXXXXXXXXXX:role/cross-account-access",
RoleSessionName="AssumeRoleSession"
)
credentials = assumed_role_object['Credentials']
kinesis_resource = boto3.resource(
'kinesis',
aws_access_key_id=credentials['AccessKeyId'],
aws_secret_access_key=credentials['SecretAccessKey'],
aws_session_token=credentials['SessionToken'],
)
kinesis_resource.put_record(StreamName='StreamName',
Data=encoded,
PartitionKey=partition_key,
ExplicitHashKey='string',
SequenceNumberForOrdering='string'
)
and I get this error:
ResourceNotExistsError: The 'kinesis' resource does not exist. The available resources are:
- cloudformation
- cloudwatch
- dynamodb
- ec2
- glacier
- iam
- opsworks
- s3
- sns
- sqs
So I understand that sts does not support kinesis.
Someone knows a way to send data to kinesis cross-account?
amazon-web-servicesSolution 1:[1]
This aws document can be referred which demonstrated cross account application writing to kinesis data stream using kinesis client library (java/python) - https://aws.amazon.com/blogs/architecture/field-notes-how-to-enable-cross-account-access-for-amazon-kinesis-data-streams-using-kinesis-client-library-2-x/
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |