Invoke an AWS Lambda function from an Amazon Bedrock flow in a different AWS account - Amazon Bedrock
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

Invoke an AWS Lambda function from an Amazon Bedrock flow in a different AWS account

An Amazon Bedrock flow can invoke a AWS Lambda function that is in a different AWS account from the flow. Use the following procedure to configure the Lambda function (Account A) and the flow (Account B).

To configure a flow flow to call a Lambda function in a different AWS account

  1. In Account A (Lambda function), add a resource-based policy to the Lambda function, using the Flow Execution Role from Account B as the principal. For more information, see Granting Lambda function access to other accounts in the AWS Lambda documentation.

  2. In Account B (Amazon Bedrock flow), add permission for the invoke operation to the flow execution role for the Lambda function ARN that you are using. For more information, see Update permissions for a role in the AWS Identity and Access Management documentation.