當我有我的拉姆達執行的角色IAM策略設置爲:AWS IAM拉姆達 「沒有被授權執行:波長:GetFunction」
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"lambda:GetFunction"
],
"Resource": [
"*"
],
"Effect": "Allow"
}
]
}
我得到這個錯誤:
[AccessDeniedException: User:
arn:aws:sts::xxx:assumed-role/supercoolsoftware-dev-us-west-2-lambdaRole/supercoolsoftware-dev-addEmail
is not authorized to perform:
lambda:GetFunction on resource:
arn:aws:lambda:us-west-2:xxx:function:supercoolsoftware-dev-dailyEmail]
但是,當我將策略設置爲:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"lambda:*"
],
"Resource": [
"*"
],
"Effect": "Allow"
}
]
}
錯誤消失了......我還需要添加哪些內容?
你確定這是唯一的區別嗎?政策是否正確附加? –
@ f.khantsis我不得不包含'lambda:GetFunctionConfiguration' – CamHart