Amazon-lambda & Segment Integration

I followed the setup Guide indicated here but I'm still getting a "Validation Error Access denied" error on the "event-tester" page. 


The Setup Guide is missing a couple of steps. I'll lay them out below.



* The guide doesn't go back to add the ARN number to the Resouce object in the IAM policy setup. 


* In the IAM role setup section, it doesn't explain where the Principal.AWS values come from. Through some google search, I believe the number needs to match the user's AWS account number. 

  "Version": "2012-10-17",
  "Statement": [
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::595280932656:root"
      "Action": "sts:AssumeRole",
      "Condition": {
        "StringEquals": {
          "sts:ExternalId": "YOUR_SEGMENT_SOURCE_ID"

* Lastly, the guide doesn't go through the setup of getting this configured through Segment's settings. 



I followed through the guide, & did as best as I could trying to fill in the gaps but I'm getting errors & I don't know where I went wrong at this point.

1reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • Hi Matthew,

    Thank you for reaching out here and directly to our support team. If you don't mind, I'll answer your direct message so we can keep our conversation moving a bit more quickly.


    Success Engineer | Segment

    Want to level-up your analytics game? Check out Segment's Analytics Academy!