I'm creating an apollo graphql lambda where the re...
# ssta
Abdul Taleb
09/02/2021, 3:47 AMI'm creating an apollo graphql lambda where the resolvers invoke other lambdas directly. I'm getting a permissions error. Any idea on how to pass the permissions to the resolver lambda. I'm doing this:
Copy code
const apollo = new sst.ApolloApi();
const resolver = new sst.Function();
resolver.attachPermissions([apollo]);f
Frank
09/02/2021, 3:55 AM
Hey @Abdul Taleb, try this
Copy code
resolver.attachPermissions(["lambda:InvokeFunction"]);a
Abdul Taleb
09/02/2021, 4:47 AMThanks Frank, but it still is giving me the same error
Abdul Taleb
09/02/2021, 4:48 AM Copy code
User: arn:aws:sts::********:assumed-role/apolloGraphqlLambda/graphql-api-dev is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:us-west-2:**********:function:resolver-devf
Frank
09/02/2021, 3:40 PM
Hmm.. I think we are attaching the permission to the wrong Lambda. Where is the
resolverApolloApiserverresolvera
Abdul Taleb
09/02/2021, 3:41 PMI was able to get it to work doing this
Copy code
apollo.attachPermissions(["lambda:InvokeFunction"])Abdul Taleb
09/02/2021, 3:42 PMThanks!
f
Frank
09/02/2021, 3:45 PM
Nice!👍