My company manages AWS using a multi-account system. I have a lambda function in account A and a DynamoDB table with a Stream enabled in account B. I want the stream events to trigger my function.
When I run:
aws lambda create-event-source-mapping --event-source-arn arn:aws:dynamodb:us-east-1:101010101:table/table/stream/2016-08-09T23:00:46.852 --function-name Lambda-qa --enabled --batch-size 10 --starting-position TRIM_HORIZON
I get the following error: An error occurred (InvalidParameterValueException) when calling the CreateEventSourceMapping operation: Role and event source must be in the same account as the cloud function
Looks like the Lambda function and DynamoDB stream have to be in the same account. But can read the the DynamoDB stream in accountA from accountB through some other means? A redirection, SNS, SQS, S3 or a custom app.