The reason why I ask about this because I don't see any official documents mentioning performing PutRecord from AWS Lambda function to FireHose. I want to perform PutRecord from AWS Lambda on Kinesis FireHose. I have also given appropriate PutRecord policy to the AWS Lambda function that I am trying to PutRecord from. I get the following error when PutRecord action is performed from AWS Lambda using .Net 2.2
User: arn:aws:sts::accountnumber:assumed-role/listener-role/lambda is not authorized to perform: kinesis:PutRecord on resource: arn:aws:kinesis:us-west-1:accountnumber:assumed:stream/firehose-stream
I have a policy as follow
{
"permissionsBoundary": {},
"roleName": "listener-role",
"policies": [
{
"document": {
"Version": "2012-10-17",
"Statement": [
{....},
{
"Effect": "Allow",
"Action": [
"firehose:PutRecord",
"firehose:PutRecordBatch"
],
"Resource": [
"*"
]
}
]
},
"name": "policy",
"type": "inline"
}
],
"trustedEntities": [
"lambda.amazonaws.com"
]
}
.Net Snipped for Putting record on Kinesis FireHose
_kinesisClient is AmazonKinesisClient
MemoryStream recordStream = new MemoryStream();
IFormatter formatter = new BinaryFormatter();
formatter.Serialize(recordStream, data);
var request = new PutRecordRequest
{
PartitionKey = Guid.NewGuid().ToString(),
Data = recordStream,
StreamName = Environment.GetEnvironmentVariable("KinesisStream")
};
await _kinesisClient.PutRecordAsync(request);