StartMatchmaking via Lambda

Hi!

I’m trying StartMatchmaking via AWS Lambda. And get

  "errorType": "AmazonGameLiftException",
"errorMessage": "User: arn:aws:sts::xxxxxxxxxxxx:assumed-role/matchmaking/test is not authorized to perform: gamelift:StartMatchmaking",

Code that use Credentials is commented, because I can’t read file in Lambda.

        public void FunctionHandler(ILambdaContext context)
{
_playerId = System.Guid.NewGuid().ToString();
Amazon.AWSConfigs.AWSRegion = "eu-central-1";
//var chain = new CredentialProfileStoreChain("credentials.ini");
//if (chain.TryGetAWSCredentials("profile_api", out AWSCredentials awsCredentials))
//{
// Use awsCredentials
_amazonGlClient = new AmazonGameLiftClient(/*awsCredentials, */Amazon.RegionEndpoint.EUCentral1);
var request = new StartMatchmakingRequest
{
ConfigurationName = "config",
Players = { new Player { PlayerId = _playerId } }
};
var response = _amazonGlClient.StartMatchmaking(request);

Should I set Credentials or should take them from role or it should happen automatically

Hey @FedorPrivivkin,

The AWS client should inherit the role from the Lambda execution role, I don’t think you should have to set it manually.

You do need to add permissions to the Role to call the GameLift APIs, I think that’s what you’re missing.

In my account, I have a Lambda which calls StartMatchmaking. I attached the an additional policy to my Lambda IAM execution role which allows the Lambda to call all GameLift APIs (you can choose to narrow it down to individual APIs if you like).

Here’s my extra policy looks like:

    {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1457659340000",
"Effect": "Allow",
"Action": [
"gamelift:*"
],
"Resource": [
"*"
]
}
]
}

And here’s a snippet of sample code, in Python, where the AWS boto3 client uses the execution role of the Lambda without any extra configuration from me:


import boto3
gamelift = boto3.client('gamelift')
def start_matchmaking_for_cowboys_vs_aliens(config_name, ticket_id, player_id, skill):
print "Starting matchmaking for player: "
response = gamelift.start_matchmaking(
ConfigurationName=config_name,
Players=[
{
"PlayerAttributes": {
"skill": {
"N": skill
}
},
"PlayerId": player_id
}
],
TicketId=ticket_id)
print response

Thank you!