Re^2: Paws questions

in reply to Re: Paws questions
in thread Paws questions

Thanks for the answer - but I guess that would be the answer for a 3. question :)

The error I get seems to say that I'm not authenticating properly - I get the same error if using an altered MY_ACCESS_KEY_ID.
I used the ROLE_ARN as param in the call in order to avoid the possible non-inheriting in the credentials file,
but in a final code version, I'd like to have that too only in the credentials file.

Comment on Re^2: Paws questions

Replies are listed 'Best First'.
Re^3: Paws questions by nikosv (Deacon) on May 04, 2017 at 09:16 UTC
Are you using Paws::STS to get a security token? Have a look at "AWS Lambda For The Impatient Part 3" http://www.i-programmer.info/programming/cloud/10537-aws-lambda-for-the-impatient-part-3.html?start=1	[reply]
Re^4: Paws questions by Krambambuli (Curate) on May 05, 2017 at 09:16 UTC
Yes, but that is supposed to happen - and happens - 'under the hood'. Basically, I'm trying to access the cloudwatch service, with an IAM user account set up to switch to a given role, from an external (non-AwS) machine.	[reply]
Re^5: Paws questions by nikosv (Deacon) on May 05, 2017 at 11:01 UTC
In this case I would suggest setting up an API Gateway which exposes and HTTP API endpoint which calls into the Cloudwatch service. Since you don't want to use any AWS credentials in the clean machine you can authorize through creating API Keys by choosing security for your endpoint as "Open with access key", so that you can access the backend service over HTTP	[reply]

In Section Seekers of Perl Wisdom