允许从我的zappa应用程序发出“ObjectCreated”事件通知

2024-03-29 13:44:15 发布

您现在位置:Python中文网/ 问答频道 /正文

我正在创建一个zappa app,以便在S3 bucket中创建对象时可以执行lambda函数。目前,当试图通过zappa update dev更新我的zappa应用程序时,我得到以下错误:

botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the GetBucketNotification operation: Access Denied

我已经在我的Mac系统上安装了configured my AWS credentials,所以我假设错误来自我的Bucket策略不允许此事件通知。你知道吗

我的政策是:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Allow All",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::****-bucket/*"
        },
        {
            "Sid": "Deny All Actions On All But Media and Static Unless Defined User",
            "Effect": "Deny",
            "NotPrincipal": {
                "AWS": "arn:aws:iam::***********:root"
            },
            "Action": "s3:*",
            "NotResource": [
                "arn:aws:s3:::****-bucket/media/*",
                "arn:aws:s3:::****-bucket/static/*",
                "arn:aws:s3:::****-bucket/media_thumbnail/*"
            ]
        }
    ]
}

任何我的CORS配置:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

这是我的zappa_settings.json

{
    "dev": {
        "aws_region": "us-east-2",
        "django_settings": "zappatest.settings",
        "profile_name": "default",
        "project_name": "zappatest",
        "runtime": "python3.6",
        "s3_bucket": "zappa-*******",
        "vpc_config" : {
            "SubnetIds": [ "subnet-******", "subnet-*******", "subnet-*******" ],
            "SecurityGroupIds": [ "sg-******" ] 
        },
        "events": [{
            "function": "zappatest.lambda_function",
            "event_source": {
                  "arn":  "arn:aws:s3:::*****-bucket/media/",
                  "events": [
                    "s3:ObjectCreated:*"
                  ]
               }
            }]
    }
}

错误是因为我的bucket策略安全还是其他原因?你知道吗


Tags: lambdadevawssettingss3bucket错误all