1
我試圖用一個lambda函數觸發彈性轉碼器的工作,但我不斷收到此錯誤信息:AWS AccessDeniedException異常elastictranscoder:CreateJob
AccessDeniedException: User: arn:aws:sts::xxx:assumed-role/xxxx/xxx is not authorized to perform: elastictranscoder:CreateJob on resource: arn:aws:elastictranscoder:xxxxx:pipeline/xxxxx
我的IAM用戶策略涵蓋了所有訪問要求:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1465486106000",
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:GetLogEvents",
"logs:PutLogEvents",
"logs:DescribeLogStreams"
],
"Resource": [
"arn:aws:logs:*:*:*"
]
},
{
"Sid": "1",
"Effect": "Allow",
"Action": [
"s3:Put*",
"s3:ListBucket",
"s3:*MultipartUpload*",
"s3:Get*"
],
"Resource": "*"
},
{
"Sid": "2",
"Effect": "Allow",
"Action": "sns:Publish",
"Resource": "*"
},
{
"Sid": "3",
"Effect": "Deny",
"Action": [
"s3:*Delete*",
"s3:*Policy*",
"sns:*Remove*",
"sns:*Delete*",
"sns:*Permission*"
],
"Resource": "*"
}
]
}
爲什麼我會收到AccessDeniedException
,我該如何解決?
我懷疑elastictranscoder線需要在適用於任何資源,不ARN一節:AWS:日誌。 –
仍然收到與發佈的政策相同的錯誤..嘗試現在的建議 – Cbas
它在Sid:1聲明中工作!如果添加了另一個答案或更新了這個答案,我會接受它 – Cbas