Node.js 在Lambda函数中使用s3 getObject生成带有InvalidToken错误的url
我正在尝试使用Lambda函数中的getObject方法获取s3对象的预签名URL。但当我在浏览器中打开结果URL时,它显示InvalidToken错误 我已经上传了一个Node.js 在Lambda函数中使用s3 getObject生成带有InvalidToken错误的url,node.js,amazon-web-services,amazon-s3,lambda,serverless-framework,Node.js,Amazon Web Services,Amazon S3,Lambda,Serverless Framework,我正在尝试使用Lambda函数中的getObject方法获取s3对象的预签名URL。但当我在浏览器中打开结果URL时,它显示InvalidToken错误 我已经上传了一个data.txt文件到一个bucket中 content.ts import 'source-map-support/register'; import { APIGatewayProxyHandler } from 'aws-lambda'; import { S3 } from 'aws-sdk'; const s3 =
data.txtimport 'source-map-support/register';
import { APIGatewayProxyHandler } from 'aws-lambda';
import { S3 } from 'aws-sdk';
const s3 = new S3({
signatureVersion: 'v4'
});
export const getContent: APIGatewayProxyHandler = async (event, context) => {
const signedUrl = s3.getSignedUrl('getObject', {
Bucket: process.env.BUCKET,
Key: 'data.txt',
Expires: 60
});
return {
statusCode: 200,
body: JSON.stringify({
url: signedUrl
})
};
}
service:
name: purchased-content
custom:
bucket: "project-paid-content"
plugins:
- serverless-webpack
provider:
name: aws
runtime: nodejs10.x
region: us-east-2
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource:
- "arn:aws:s3:::${self:custom.bucket}"
- "arn:aws:s3:::${self:custom.bucket}/*"
functions:
getContent:
handler: content.getContent
events:
- http:
method: get
path: get
environment:
BUCKET: ${self:custom.bucket}
resources:
Resources:
PaidContentBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.bucket}
AccessControl: Private
您的IAM政策似乎还可以。我认为问题可能在于反应
return {
statusCode: 200,
body: JSON.stringify({
url: signedUrl
})
};
尝试记录返回的url并使用它。如果失败,您可能希望进一步了解IAM策略/角色。您的代码在哪里运行(在AWS内部还是外部)?这是一个AWS Lambda函数。它究竟如何在AWS之外运行?API Gateway希望返回的正文始终字符串化: