SQS access policy which denies receiving messages except one lambda

Yesterday, I had a task to setup SQS access policy to allow reading messages from queue only by one lambda. Another part of this task was to allow sending messages only by Api Gateway. I tried following access policies with Deny + Principal to restrict SQS:ReceiveMessage action only to my lambda. Or Deny + NotPrincipal … Read more SQS access policy which denies receiving messages except one lambda

Using SigV2 to sign AWS S3 requests

This week I was working on a simple task to modify S3 bucket policy to deny s3:PutObject action to anyone except services in particular vpc or AWS presigned URL. It was just a matter of adding to bucket policy AWS S3 Presigned URL is generated by lambda with execution role get-presigned-url-lambda-role. According to doc Anyone with valid security credentials … Read more Using SigV2 to sign AWS S3 requests

FUNCTION_ERROR_INIT_FAILURE error while deploying AWS Lamba

Today I got an error Provisioned Concurrency configuration failed to be applied. Reason: FUNCTION_ERROR_INIT_FAILURE in CloudFormation while deploying stack with Lambda And that’s all. No more details about the root cause. My SAM file configures lambda with Provisioned Concurrency. After switching off Provisioned Concurrency my stack was successfully deployed but first lambda invocation finished with exception. … Read more FUNCTION_ERROR_INIT_FAILURE error while deploying AWS Lamba

IE11 ignores wildcard * for Access-Control-Allow-Headers

Yesterday while testing my React App on Internet Explorer 11 I got SEC7123: Request header content-type was not present in the Access-Control-Allow-Headers list in F12 Developers Tools Console.It happened during OPTIONS preflight HTTPS request to AWS API Gateway with CORS enabled. CORS was enabled via MOCK Integration Request. Mandatory CORS response headers Access-Control-Allow-Headers Access-Control-Allow-Origin Access-Control-Allow-Methods … Read more IE11 ignores wildcard * for Access-Control-Allow-Headers