Cross-Account Access

hkaiser · February 14, 2024, 7:05pm

Is it possible to access AWS resources located outside of localstack? I’m attempting to use the IoT Core MQTT broker in another AWS account that I currently have. I’ve attached the following policies to my lambda like I usually do in my SAM template:

Policies:
  - AWSIoTDataAccess
  - AWSIoTEventsFullAccess
  - AWSIoTFullAccess

But I get a “Forbidden” error when I use the IoT Data AWS SDK in my lambda code. I assume this is a permissions issue that I need to fix, but I’m not sure how localstack handles access of AWS resources outside of localstack. What do I need to include in the CloudFormation template to give my lambda the correct permissions to access the AWS resources belonging to another AWS account?

viren · February 15, 2024, 8:23am

Hi @hkaiser, a LocalStack instance can’t access resources outside of its own, including other LocalStack instances or AWS. It is however possible to have cross-account setups within LocalStack.

Marcel · February 16, 2024, 9:46am

You can find the details at Cross-Account and Cross-Region Access | Docs (localstack.cloud).

Topic		Replies	Views
LocalStack Release v1.2.0 Announcement localstack , announcement , release	0	856	October 12, 2022
Does Localstack get any support from AWS folks? Platform localstack , discussion-pages	3	270	April 26, 2024
Using LocalStack for a CTF Platform	3	208	January 12, 2024
LocalStack Release v2.1.0 Announcement localstack , announcement , release , open-source	0	1650	May 25, 2023
Rate limiting for S3 Platform localstack	0	364	July 7, 2022

Cross-Account Access

Related Topics