我正在创建一个zappa app,以便在S3 bucket中创建对象时可以执行lambda函数。目前,当试图通过zappa update dev
更新我的zappa应用程序时,我得到以下错误:
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the GetBucketNotification operation: Access Denied
我已经在我的Mac系统上安装了configured my AWS credentials,所以我假设错误来自我的Bucket策略不允许此事件通知。你知道吗
我的政策是:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Allow All",
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::****-bucket/*"
},
{
"Sid": "Deny All Actions On All But Media and Static Unless Defined User",
"Effect": "Deny",
"NotPrincipal": {
"AWS": "arn:aws:iam::***********:root"
},
"Action": "s3:*",
"NotResource": [
"arn:aws:s3:::****-bucket/media/*",
"arn:aws:s3:::****-bucket/static/*",
"arn:aws:s3:::****-bucket/media_thumbnail/*"
]
}
]
}
任何我的CORS配置:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
这是我的zappa_settings.json
:
{
"dev": {
"aws_region": "us-east-2",
"django_settings": "zappatest.settings",
"profile_name": "default",
"project_name": "zappatest",
"runtime": "python3.6",
"s3_bucket": "zappa-*******",
"vpc_config" : {
"SubnetIds": [ "subnet-******", "subnet-*******", "subnet-*******" ],
"SecurityGroupIds": [ "sg-******" ]
},
"events": [{
"function": "zappatest.lambda_function",
"event_source": {
"arn": "arn:aws:s3:::*****-bucket/media/",
"events": [
"s3:ObjectCreated:*"
]
}
}]
}
}
错误是因为我的bucket策略安全还是其他原因?你知道吗
目前没有回答
相关问题 更多 >
编程相关推荐