
amazon-web-services - Access denied when using boto3 through AWS Lambda

Reposted. Author: 行者123. Updated: 2023-12-04 01:34:46

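I use a data processing pipeline built from

S3 + SNS + Lambda

Because S3 cannot send notifications outside its storage region, I use SNS to send the S3 notifications to a Lambda in another region.

The Lambda function is coded as follows: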

    from __future__ import print_function
    import boto3


    def lambda_handler(event, context):
        input_file_bucket = event["Records"][0]["s3"]["bucket"]["name"]
        input_file_key = event["Records"][0]["s3"]["object"]["key"]

        input_file_name = input_file_bucket + "/" + input_file_key

        s3 = boto3.resource("s3")
        obj = s3.Object(bucket_name=input_file_bucket, key=input_file_key)
        response = obj.get()

        return event  # echo first key valuesdf


When I save and run the test, I get the following error:

    {
      "stackTrace": [
        [
          "/var/task/lambda_function.py",
          20,
          "lambda_handler",
          "response = obj.get()"
        ],
        [
          "/var/runtime/boto3/resources/factory.py",
          394,
          "do_action",
          "response = action(self, *args, **kwargs)"
        ],
        [
          "/var/runtime/boto3/resources/action.py",
          77,
          "__call__",
          "response = getattr(parent.meta.client, operation_name)(**params)"
        ],
        [
          "/var/runtime/botocore/client.py",
          310,
          "_api_call",
          "return self._make_api_call(operation_name, kwargs)"
        ],
        [
          "/var/runtime/botocore/client.py",
          395,
          "_make_api_call",
          "raise ClientError(parsed_response, operation_name)"
        ]
      ],
      "errorType": "ClientError",
      "errorMessage": "An error occurred (AccessDenied) when calling the GetObject operation: Access Denied"
    }


I configured the Lambda role with

full S3 access


and set a bucket policy on the target bucket:

everyone can do anything (list, delete, etc.)


It seems that I haven't configured the policy well.

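Best answer

It is possible that the specific S3 object you are looking for has limited permissions.

Regarding amazon-web-services - Access denied when using boto3 through AWS Lambda, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/33569045/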
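
An added example, not part of the original question or answer: in the S3 + SNS + Lambda pipeline described above, SNS delivers the S3 notification as a JSON string inside its own envelope, and S3 URL-encodes object keys in notifications, so the handler below resolves the exact bucket and key before calling GetObject. The bucket name, key and the helper name `iter_s3_objects` are assumptions made up for illustration.

```python
import json
from urllib.parse import unquote_plus


def iter_s3_objects(event):
    """Yield (bucket, key) for every S3 record in the event, whether it
    came straight from S3 or was relayed through an SNS topic."""
    for record in event.get("Records", []):
        if "Sns" in record:
            # SNS carries the original S3 notification as a JSON string.
            inner = json.loads(record["Sns"]["Message"])
            for pair in iter_s3_objects(inner):
                yield pair
        elif "s3" in record:
            bucket = record["s3"]["bucket"]["name"]
            # Keys in S3 notifications are URL-encoded ("a b" arrives as "a+b").
            key = unquote_plus(record["s3"]["object"]["key"])
            yield bucket, key


def lambda_handler(event, context):
    import boto3  # imported here so the parser above can be run offline

    s3 = boto3.client("s3")
    sizes = {}
    for bucket, key in iter_s3_objects(event):
        # With the exact key resolved, an AccessDenied raised here is about
        # permissions on that bucket or object, not a mangled key name.
        response = s3.get_object(Bucket=bucket, Key=key)
        sizes[bucket + "/" + key] = response["ContentLength"]
    return sizes


# Constructed sample events (bucket and key are made up for illustration).
S3_EVENT = {
    "Records": [{
        "eventSource": "aws:s3",
        "s3": {
            "bucket": {"name": "example-input-bucket"},
            "object": {"key": "incoming/report+2023.csv"},
        },
    }]
}
SNS_EVENT = {
    "Records": [{
        "EventSource": "aws:sns",
        "Sns": {"Message": json.dumps(S3_EVENT)},
    }]
}
```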
