我有一个Lambda函数,它利用AWS Python SDK来管理AWS CodeCommit存储库。我使用CDK创建Lambda函数,如下所示:
from aws_cdk import aws_lambda as _lambda
from aws_cdk.aws_lambda_python import PythonFunction
service = PythonFunction(
self, 'Svc',
entry='./path/to',
index='file.py',
runtime=_lambda.Runtime.PYTHON_3_8,
handler='handler',
)
部署后,我运行Lambda函数,出现以下错误并发送到CloudWatch日志:
An error occurred (AccessDeniedException) when calling the GetRepository operation: User: arn:aws:iam::XXXXXXXXXXXX:user/XXXX is not authorized to perform: codecommit:GetRepository on resource: arn:aws:codecommit:us-east-1:XXXXXXXXXXXX:XXXX
如何允许Lambda函数在我的帐户中的任何存储库上调用codecommit:GetRepository
创建IAM策略语句并将其添加到职能部门的角色策略:
相关问题 更多 >
编程相关推荐