堆栈内存溢出
  简体   繁体   English

AWS Lambda无法删除Amazon S3对象

[英]AWS Lambda can't delete Amazon S3 object

 原文  2015-02-09 22:17:55       amazon-web-services/ amazon-s3/ aws-lambda

问题描述

I'm trying to create an AWS Lambda function, which processes a file uploaded to the first bucket, then saves it to the second bucket and then deletes the input file. 我正在尝试创建一个AWS Lambda函数,该函数处理上传到第一个存储桶的文件,然后将其保存到第二个存储桶,然后删除输入文件。

The problem is that when I'm trying to delete the file I'm getting 问题是,当我试图删除我正在获取的文件时 

{
  "message": "Access Denied",
  "code": "AccessDenied",
  "time": "2015-02-09T22:08:45.926Z",
  "statusCode": 403,
  "retryable": false,
  "retryDelay": 30
}

The code snippet, which tries to delete the file is 试图删除文件的代码片段是 

s3.deleteObject({
    Bucket: inputBucket,
    Key: inputKey
}, function(a, b) {
    if (a) {
        console.error("Error on delete");
        console.error(a);
    } else {
        console.log("Deleted successfully");
    }
});

3 个解决方案

解决方案1
 8  2015-02-10 02:46:16

The possible reason why lambda wasn't able to delete the file ( S3 object ) could be due to the Lambda's Execution Role. lambda无法删除文件(S3对象)的可能原因可能是Lambda的执行角色。

Steps to solve this 解决这个问题的步骤

  1. Navigate to the IAM in AWS Management Console 导航到AWS管理控制台中的IAM
  2. Look up for the IAM Role used ( or created ) for the lambda ( if it is default it would be lambda_exec_role ) 查找为lambda使用(或创建)的IAM角色(如果它是默认值,则为lambda_exec_role)
  3. Go to Attach Role Policy -> Custom Policy and add the below IAM Policy Document 转到附加角色策略 - >自定义策略并添加以下IAM策略文档 
{
  "Statement": [
    {
      "Sid": "Stmt1423535846414",
      "Action": [
        "s3:DeleteObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::*"
    }
  ]
}

解决方案2
 0  2015-02-19 15:33:08

I had trouble with weird characters and spaces within inputKey. 我在inputKey中遇到了奇怪的字符和空格。 Try with a simple name. 尝试使用简单的名称。

解决方案3
 0  2019-04-18 20:01:02

Go to IAM -> Roles -> <assigned-role-name> -> Permissions -> <policy-name> 转到IAM -> Roles -> <assigned-role-name> -> Permissions -> <policy-name>

Make sure your policy has the following: 确保您的政策具有以下内容: 

{
    "Statement": [
        {
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::<my-bucket>",
                "arn:aws:s3:::<my-bucket>/*"
            ],
            "Effect": "Allow"
        }

    ]
}

Note: arn:aws:s3:::<my-bucket> is for accessing my-bucket whereas arn:aws:s3:::<my-bucket>/* is for accessing all objects under my-bucket . 注意: arn:aws:s3:::<my-bucket>用于访问my-bucketarn:aws:s3:::<my-bucket>/*用于访问my-bucket下的所有对象。 They are similar but not the same. 它们相似但不一样。 They need to be both present to ensure lambda has full S3 access 它们必须同时存在以确保lambda具有完全的S3访问权限

Hope this helps 希望这可以帮助

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用aws或boto删除Amazon S3多个对象 - Amazon S3 multiple object delete using aws or boto 使用Nodejs Lambda函数删除AWS S3对象 - Delete AWS S3 Object using Nodejs Lambda function Amazon AWS - S3 到 ElasticSearch (Python Lambda) - Amazon AWS - S3 to ElasticSearch (Python Lambda) 亚马逊 AWS S3 自动删除对象 lambda - Amazon AWS S3 autoDeleteObjects lambda 无法从 Amazon S3 中删除目录 - Can't delete directory from Amazon S3 删除 AWS S3 中的对象 - Delete an object in AWS S3 为什么我不能使用AWS javascript sdk删除s3存储桶中的对象? - Why can't I delete an object in a s3 bucket with the AWS javascript sdk? 如何从Amazon S3删除对象? - How to delete an object from Amazon S3? 文件夹不会在Amazon S3上删除 - Folder won't delete on Amazon S3 c++:AWS S3 Object Lambda - c++: AWS S3 Object Lambda
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM