You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix: allow terminate Lambda to access kms key (#1253)
## Description
Just noticed that the termination Lambdas do no longer start. Error
message is
```
Calling the invoke API action failed with this message: Lambda was unable to decrypt the environment variables
because KMS access was denied. Please check the function's KMS key settings. KMS Exception:
AccessDeniedExceptionKMS Message: User: <arn here> is not authorized to perform: kms:Decrypt on resource:
<arn here> because no identity-based policy allows the kms:Decrypt action (Service: Kms, Status Code: 400,
Request ID: <request id here>)
```
This PR adds the `kms:Decrypt` action to the Lambda role allowing the
Lambda function to decode the environment variables.
0 commit comments