Amazon web services CloudFormation,Lambda,S3-S3拒绝访问
因此,我尝试运行此cloudformation脚本,但出现以下错误:Amazon web services CloudFormation,Lambda,S3-S3拒绝访问,amazon-web-services,amazon-s3,aws-lambda,amazon-cloudformation,Amazon Web Services,Amazon S3,Aws Lambda,Amazon Cloudformation,因此,我尝试运行此cloudformation脚本,但出现以下错误: 您的访问被S3拒绝,请确保您的请求凭据具有获取S3.XXXX.amazonaws.com/S3-bucket/folder-1/folder-2/code.zip对象的权限。S3错误代码:AccessDenied。S3错误消息:访问被拒绝 我甚至试着公开我的code.zip!这不是我理想中想要做的 这是我的代码: "lambdafunction": { "Type": "AWS::Lambda::Function
您的访问被S3拒绝,请确保您的请求凭据具有获取S3.XXXX.amazonaws.com/S3-bucket/folder-1/folder-2/code.zip对象的权限。S3错误代码:AccessDenied。S3错误消息:访问被拒绝
"lambdafunction": {
"Type": "AWS::Lambda::Function",
"DependsOn": [
"other1",
"other2",
"other3"
],
"Properties": {
"Code": {
"S3Bucket": "s3.XXXX.amazonaws.com",
"S3Key": "s3-bucket/folder-1/folder-2/code.zip"
},
"Role": {
"Fn::GetAtt": [
"accessrole",
"Arn"
]
},
"Timeout": 60,
"Handler": "lambda_function.lambda_handler",
"Runtime": "python2.7",
"MemorySize": 1024
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "XXXX"
}
}
},
提前谢谢 因此,原来代码部分是错误的,需要命名bucket url
"Code": {
"S3Bucket": "s3-bucket",
"S3Key": "folder-1/folder-2/code.zip"
},
我假设您正在使用aws cli。如果是这样,您用来登录aws cli的IAM用户是否具有从S3获取对象的权限?感谢您尽快回复我!不,这是在aws控制台上的cloudformation服务中,我已经尝试将策略添加到s3存储桶中,以允许云形成具有访问权限,并确保所选角色也具有访问该存储桶的正确权限!我似乎不明白为什么它会抛出这个错误!您应该提供一个预期格式的示例。它只是一个bucket名称,还是前面有s3://的URI?