如何授予Athena查询权限给Lambda函数?
[英]How to grant Athena query permission to a Lambda function?
问题描述
I have an AWS Lambda function which queries an Amazon Athena database. 
我有一个可查询Amazon Athena数据库的AWS Lambda函数。 But I get a permission error when executing the Lambda function: 但是执行Lambda函数时出现权限错误:
An error occurred (AccessDeniedException) when calling the GetQueryExecution operation: User: arn:aws:sts::773592622512:assumed-role/lambda_access-role/reddit_monitor is not authorized to perform: athena:GetQueryExecution on resource: arn:aws:athena:ap-southeast-2:773592622512:workgroup/primary: ClientError
I have created this policy for the Lambda function: 我为Lambda函数创建了以下策略:
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"athena:StartQueryExecution"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"s3:*"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::${var.athena-bucket}",
"arn:aws:s3:::${var.athena-bucket}/*"
]
}
]
}
I wonder why it still doesn't have permission to query Athena? 我想知道为什么它仍然没有查询雅典娜的权限? Have I missed anything here? 我在这里错过了什么吗?
1 个解决方案
解决方案1
0 已采纳 2019-07-25 12:01:08
您授予了athena:StartQueryExecution而不是athena:GetQueryExecution 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.