Node.js 如何使用无服务器添加AWS用户权限?
我在AWS控制台中创建了一个用户,该用户只能访问Lambda服务 我的问题是,使用无服务器框架,在Myserverless.yaml中,是否可以向我的用户和任何其他服务添加S3完全访问权限? 多谢各位 handler.jsNode.js 如何使用无服务器添加AWS用户权限?,node.js,amazon-web-services,serverless-framework,aws-serverless,Node.js,Amazon Web Services,Serverless Framework,Aws Serverless,我在AWS控制台中创建了一个用户,该用户只能访问Lambda服务 我的问题是,使用无服务器框架,在Myserverless.yaml中,是否可以向我的用户和任何其他服务添加S3完全访问权限? 多谢各位 handler.js 'use strict'; const aws = require('aws-sdk'); const s3 = new aws.S3({ apiVersion: '2006-03-01' }); module.exports.helloWorld = (event,
'use strict';
const aws = require('aws-sdk');
const s3 = new aws.S3({ apiVersion: '2006-03-01' });
module.exports.helloWorld = (event, context, callback) => {
const params = {};
s3.listBuckets(params, function(err, data) {
if (err) console.log(err, err.stack);
else console.log(data);
});
const response = {
statusCode: 200,
message: JSON.stringify({message: 'Success!'})
};
callback(null, response);
};
provider:
name: aws
runtime: nodejs8.10
region: eu-blah-1
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:ListBucket"
- "s3:PutObject"
- "s3:GetObject"
Resource: "arn:aws:s3:::examplebucket/*"
functions:
helloWorld:
handler: handler.helloWorld
events:
- http:
path: hello-world
method: get
cors: true
如果您指的是在无服务器框架部署Lambda函数后,在执行时授予Lambda函数的权限,那么您可以在
Serverless.yamlprovideriamRoleStatements:
- Effect: "Allow"
Action:
- "s3:PutObject"
- "s3:DeleteObject"
- "s3:DeleteObjects"
Resource: arn:aws:s3:::${self:custom.s3WwwBucket}/content/pages/*
- Effect: Allow
Action:
- lambda:InvokeFunction
- lambda:InvokeAsync
Resource: arn:aws:lambda:${self:custom.region}:*:function:${self:service}-${opt:stage}-*
- Effect: "Allow"
Action:
- "ses:SendEmail"
- "ses:SendEmailRaw"
Resource: "arn:aws:ses:eu-west-1:01234567891234:identity/noreply@example.com"
谁是“用户”,这是一个具有API凭据的IAM用户,您用来部署无服务器服务,还是这与您希望部署的Lambda函数具有的权限有关?请您解释一下资源:arn:aws:s3:::${self:custom.s3wwbucket}/content/pages/*行是如何工作的?谢谢
${self:custom.s3wwbucket}serverless.ymlcontent/pages/*arn:aws:s3:::示例bucket name/*s3:listbugketss3:listbugkets3:ListBuckets