I have a situation where we are required to trigger Lambda functions from my production Windows server, which is currently running on our on-premise/corporate network. **Note:** we have a VPN connection established between our corporate data centers and AWS VPCs.

One way I understand I can achieve this is:

1. Install the AWS CLI on my production server, which is running in my corporate data center
2. Generate a secret key and access key from AWS, with limited privileges (invoke Lambda only)
3. Configure an AWS profile on my production instance using these credentials
4. Execute the invoke Lambda command using this profile

My question is: is this the best approach to achieve this, or is there a better solution than this?

Any tip here would be helpful. Thank you!
You may consider other options:

- IAM Roles Anywhere for step #2 to generate temporary credentials and eliminate the need to manage permanent ones.
- Lambda function URLs for step #4 to eliminate the need to install the AWS CLI tool and its dependencies on your server (#1).
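
To illustrate the function URL option without the AWS CLI, here is an added example (not code from the original posts) that builds the SigV4 headers for a POST to a function URL using only the Python standard library. It assumes the function URL is configured with the `AWS_IAM` auth type and that temporary credentials (for example from IAM Roles Anywhere) are already available; `sign_function_url` is a hypothetical helper name, and the URL and credential values are constructed placeholders.

```python
import datetime
import hashlib
import hmac
import re
from urllib.parse import parse_qsl, quote, urlsplit

# Function URL hosts have the form <url-id>.lambda-url.<region>.on.aws
_HOST = re.compile(r"^[a-z0-9]+\.lambda-url\.([a-z0-9-]+)\.on\.aws$")

def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def sign_function_url(url, body, access_key, secret_key, session_token, now=None):
    """Return SigV4 headers for a POST of `body` (bytes) to a Lambda function URL."""
    parts = urlsplit(url)
    match = _HOST.match(parts.hostname or "")
    if parts.scheme != "https" or not match:
        raise ValueError("refusing to sign: not an https Lambda function URL")
    now = now or datetime.datetime.now(datetime.timezone.utc)
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")
    scope = f"{amz_date[:8]}/{match.group(1)}/lambda/aws4_request"
    # Headers covered by the signature; the session token marks temporary credentials.
    signed = {"host": parts.netloc, "x-amz-date": amz_date,
              "x-amz-security-token": session_token}
    names = ";".join(sorted(signed))
    query = "&".join(f"{k}={v}" for k, v in sorted(
        (quote(k, safe="-_.~"), quote(v, safe="-_.~"))
        for k, v in parse_qsl(parts.query, keep_blank_values=True)))
    canonical = "\n".join([
        "POST", quote(parts.path or "/", safe="/~"), query,
        "".join(f"{k}:{signed[k]}\n" for k in sorted(signed)),
        names, hashlib.sha256(body).hexdigest(),
    ])
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    key = ("AWS4" + secret_key).encode()
    for part in scope.split("/"):  # date, region, service, "aws4_request"
        key = _hmac(key, part)
    signature = hmac.new(key, to_sign.encode(), hashlib.sha256).hexdigest()
    return {
        "Authorization": f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
                         f"SignedHeaders={names}, Signature={signature}",
        "X-Amz-Date": amz_date, "X-Amz-Security-Token": session_token,
    }

if __name__ == "__main__":  # constructed placeholder URL and credentials
    print(sign_function_url("https://exampleurlid0123.lambda-url.us-east-1.on.aws/",
                            b'{"job": "nightly"}', "ASIAEXAMPLE", "constructed-secret",
                            "constructed-token")["Authorization"])
```

The returned headers are sent with the POST request as-is, and the role behind the credentials needs the `lambda:InvokeFunctionUrl` permission on that function.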