Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

无法调用AWS Lambda函数:授权错误。

0

【以下的问题经过翻译处理】 我首先将文档存储在我的存储桶中,然后调用我创建的lambda函数以获取文档,我能够在S3中发送文档,但是出现以下错误,因此我无法在react.js代码中获取文档的响应。

错误: "AccessDeniedException: User: arn:aws:iam::076465650773:user/username is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:ap-south-1:076465650773:function:testing-lamda-function because no permissions boundary allows the lambda:InvokeFunction action"

我已经创建了角色,用户和内联策略,如下所示: ![lambda_role] (/media/postImages/original/IMitfRFbfYS5qWO8lJn9BMGw) ![aws_user] (/media/postImages/original/IMtt5hcq8sQwCZdZfCAPnUzA) ![testing-lambda-policy] (/media/postImages/original/IMiNOBaFjKQRyHlTUf9EDcrw)

我的代码:

export const DetectText = () => {
  const [file, setFile] = useState({});
  const bucketName = process.env.REACT_APP_SECRET_BUCKET_NAME;

  const onSelectFile = (e) => {
    if (!e.target.files || e.target.files.length === 0) return;
    const reader = new FileReader();
    const file = e.target.files[0];
    setFile(file);
    reader.readAsDataURL(file);
  }

  const s3 = new AWS.S3({
    accessKeyId: process.env.REACT_APP_ACCESS_KEY_id,
    secretAccessKey: process.env.REACT_APP_SECRET_ACCESS_KEY,
    region: 'ap-south-1'
  });

  const detectText = async () => {
    const params = {Bucket: bucketName, Key: file.name, Body: file};
    s3.putObject(params, (err, data) => {
      if (err) console.log(err);
      else console.log(data);
    });

    const lambda = new AWS.Lambda({
      accessKeyId: process.env.REACT_APP_ACCESS_KEY_id,
      secretAccessKey: process.env.REACT_APP_SECRET_ACCESS_KEY,
      region: 'ap-south-1'
    });

    const params2 = {
      FunctionName: 'testing-lamda-function',
      Payload: JSON.stringify({
        Records: [{
           s3:{bucket: { name: bucketName }, object: { key: file.name }}
          }]
      })
    };

    lambda.invoke(params2, (err, data) => {
      if (err)console.log(err);
      else console.log(data);
    });
  };

  return (
    <div>
      <input type='file' id='file' name='file' onChange={onSelectFile} className='inputfile' />
      <button onClick={detectText} style={{ margin: "10px" }}>Run OCR</button>
    </div>
  )
}

请让我知道我做错了什么。

Themen
SpeicherServerlosKalkulation
Tags
Amazon Simple Storage ServiceAWS Lambda
Sprache
中文 (简体)
profile picture
EXPERTE
rePost Polyglot
gefragt vor 6 Monaten35 Aufrufe
1 Antwort
0

【以下的回答经过翻译处理】 根据错误信息,IAM用户“User: arn:aws:iam::076465650773:user/username”似乎没有“lambda:InvokeFunction”权限。请尝试为合适的IAM用户设置“lambda:InvokeFunction”权限。此外,请检查以下文档,因为它指出“没有权限边界”。https://repost.aws/knowledge-center/iam-access-denied-permissions-boundary

profile picture
EXPERTE
rePost Polyglot
beantwortet vor 6 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt