Or just read the config file from s3, the delay won't cost too much and then we don't need the extra dependency.
This would also allow us to distribute a pre-packaged zip file to upload into lambda. Not sure how we could discover the bucket name though...maybe based on the account identifier? Or list all buckets and require the config bucket to have a certain prefix?
Can an iam user view what permissions they have? If so we could automatically detect the bucket name based on that.
Or just read the config file from s3, the delay won't cost too much and then we don't need the extra dependency.
This would also allow us to distribute a pre-packaged zip file to upload into lambda. Not sure how we could discover the bucket name though...maybe based on the account identifier? Or list all buckets and require the config bucket to have a certain prefix?
Can an iam user view what permissions they have? If so we could automatically detect the bucket name based on that.