Cross-Account Access

hkaiser · February 14, 2024, 7:05pm

Is it possible to access AWS resources located outside of localstack? I’m attempting to use the IoT Core MQTT broker in another AWS account that I currently have. I’ve attached the following policies to my lambda like I usually do in my SAM template:

Policies:
  - AWSIoTDataAccess
  - AWSIoTEventsFullAccess
  - AWSIoTFullAccess

But I get a “Forbidden” error when I use the IoT Data AWS SDK in my lambda code. I assume this is a permissions issue that I need to fix, but I’m not sure how localstack handles access of AWS resources outside of localstack. What do I need to include in the CloudFormation template to give my lambda the correct permissions to access the AWS resources belonging to another AWS account?

viren · February 15, 2024, 8:23am

Hi @hkaiser, a LocalStack instance can’t access resources outside of its own, including other LocalStack instances or AWS. It is however possible to have cross-account setups within LocalStack.

Marcel · February 16, 2024, 9:46am

You can find the details at Cross-Account and Cross-Region Access | Docs (localstack.cloud).

Topic		Replies	Views
Local Lambda against remote SQS? Platform	5	88	December 18, 2024
Does Localstack get any support from AWS folks? Platform localstack , discussion-pages	3	496	April 26, 2024
LocalStack Release v1.2.0 Announcement localstack , announcement , release	0	977	October 12, 2022
Does localstack support Iot triggers for lambdas? Platform localstack	3	220	February 16, 2024
Disable cross account access Platform localstack	2	21	October 3, 2024

Cross-Account Access

Related topics