当我有我的拉姆达执行的角色IAM策略设置为:AWS IAM拉姆达 “没有被授权执行:波长:GetFunction”
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"lambda:GetFunction"
],
"Resource": [
"*"
],
"Effect": "Allow"
}
]
}
我得到这个错误:
[AccessDeniedException: User:
arn:aws:sts::xxx:assumed-role/supercoolsoftware-dev-us-west-2-lambdaRole/supercoolsoftware-dev-addEmail
is not authorized to perform:
lambda:GetFunction on resource:
arn:aws:lambda:us-west-2:xxx:function:supercoolsoftware-dev-dailyEmail]
但是,当我将策略设置为:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"lambda:*"
],
"Resource": [
"*"
],
"Effect": "Allow"
}
]
}
错误消失了......我还需要添加哪些内容?
你确定这是唯一的区别吗?政策是否正确附加? –
@ f.khantsis我不得不包含'lambda:GetFunctionConfiguration' – CamHart