Amazon S3: An error occurred (AccessDenied) when calling the CopyObject operation: Access Denied

Tags: amazon-s3, aws-lambda, boto3, amazon-iam


When running Python code in AWS Lambda, I get this error when using boto3's copy_object method.

AWS Lambda code

import json
import boto3

def lambda_handler(event, context):
    some_binary_data = b'Here we have some data'
    client = boto3.client("s3")

    # Upload - Working
    client.put_object(Body=some_binary_data, Bucket='test', Key="upload/binary_1.txt")
    
    # Copy - Working
    s3 = boto3.resource('s3')
    copy_source = {
        'Bucket': 'test',
        'Key': 'upload/binary_1.txt'
    }
    s3.meta.client.copy(copy_source, 'test', 'upload/binary_1_copied.txt')

    # Copy - NOT WORKING  
    # Access Denied even after adding GetObjectTagging and PutObjectTagging permissions in the policy

    client.copy_object(Bucket="test", CopySource="upload/binary_1.txt", Key="upload/binary_1_copied.txt")

    # Delete - Working
    client.delete_object(Bucket="test", Key="upload/binary_1.txt")
    
    return {
        'statusCode': 200,
        'body': json.dumps('Hello from Lambda!')
    }

I am using this policy (shown as JSON) for the role assigned to the Lambda function

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": [
            "s3:ReplicateObject",
            "s3:PutObject",
            "s3:GetObject",
            "s3:GetObjectTagging",
            "s3:ListBucket",
            "s3:PutObjectTagging",
            "s3:DeleteObject",
            "s3:PutObjectAcl"
        ],
        "Resource": [
            "arn:aws:s3:::test/*",
            "arn:aws:s3:::test"
        ]
    },
    {
        "Sid": "VisualEditor1",
        "Effect": "Allow",
        "Action": "s3:ListAllMyBuckets",
        "Resource": "*"
    }
]
}

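Note - the S3 bucket currently contains the upload/binary_1.txt file.

If test is the actual bucket name, you can't use it. Bucket names must be unique across all AWS accounts and regions. From:

An Amazon S3 bucket name is globally unique, and the namespace is shared by all AWS accounts. This means that after a bucket is created, the name of that bucket cannot be used by another AWS account in any AWS Region until the bucket is deleted.

So, since the test bucket belongs to someone else, your access is denied. You have to make sure that your bucket name is unique and not used by anyone else.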

I guess test is not the actual name of your bucket?

Yes, test is the actual name of my S3 bucket
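
An added example, not part of the original posts: a local check of which S3 resources the question's copy calls touch, compared with the policy posted above. It assumes that a string `CopySource` is read as `<bucket>/<key>` (the format the boto3 documentation gives) and that CopyObject needs `s3:GetObject` on the source and `s3:PutObject` on the destination; the helper names are hypothetical and the policy evaluation is simplified.

```python
from fnmatch import fnmatchcase

# Identity policy from the question, reduced to the fields this check reads.
POLICY = {"Statement": [
    {"Effect": "Allow",
     "Action": ["s3:ReplicateObject", "s3:PutObject", "s3:GetObject",
                "s3:GetObjectTagging", "s3:ListBucket", "s3:PutObjectTagging",
                "s3:DeleteObject", "s3:PutObjectAcl"],
     "Resource": ["arn:aws:s3:::test/*", "arn:aws:s3:::test"]},
    {"Effect": "Allow", "Action": "s3:ListAllMyBuckets", "Resource": "*"},
]}

def split_copy_source(copy_source):
    """Return (bucket, key) for a CopySource dict or '<bucket>/<key>' string."""
    if isinstance(copy_source, dict):
        return copy_source["Bucket"], copy_source["Key"]
    path = copy_source.split("?versionId=", 1)[0].lstrip("/")
    bucket, sep, key = path.partition("/")
    if not (bucket and sep and key):
        raise ValueError(f"CopySource has no '<bucket>/<key>' form: {copy_source!r}")
    return bucket, key

def required_access(bucket, key, copy_source):
    """(action, ARN) pairs a CopyObject request needs on source and destination."""
    src_bucket, src_key = split_copy_source(copy_source)
    return [("s3:GetObject", f"arn:aws:s3:::{src_bucket}/{src_key}"),
            ("s3:PutObject", f"arn:aws:s3:::{bucket}/{key}")]

def is_allowed(policy, action, arn):
    """Simplified evaluation: Allow statements and '*' wildcards only, no Deny."""
    for stmt in policy["Statement"]:
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        resources = stmt["Resource"] if isinstance(stmt["Resource"], list) else [stmt["Resource"]]
        if (stmt["Effect"] == "Allow"
                and any(fnmatchcase(action, a) for a in actions)
                and any(fnmatchcase(arn, r) for r in resources)):
            return True
    return False

def uncovered(policy, bucket, key, copy_source):
    """Requirements of the copy that no Allow statement in the policy covers."""
    return [(a, r) for a, r in required_access(bucket, key, copy_source)
            if not is_allowed(policy, a, r)]

if __name__ == "__main__":
    dest = ("test", "upload/binary_1_copied.txt")
    for src in ("upload/binary_1.txt", "test/upload/binary_1.txt",
                {"Bucket": "test", "Key": "upload/binary_1.txt"}):
        print(src, "->", uncovered(POLICY, *dest, src))
```

The first source is the string passed to `copy_object` in the question, the third is the dict passed to `s3.meta.client.copy`; resource policies, explicit Deny statements and KMS permissions are outside this check.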