AWS Lambda 功能:它不显示现有角色列表
[英]AWS Lambda Functions: it doesn't show list of existing roles
问题描述
I have created a Role in IAM with AmazonEC2FullAccess based policy.
我使用基于AmazonEC2FullAccess的策略在IAM中创建了一个角色。 This role is properly created in IAM .此角色已在IAM中正确创建。 But the same role is not appearing to attach for lambda function.但是对于lambda function 似乎没有附加相同的角色。
Can someone please help.有人可以帮忙吗? I have the admin access and with this I'm getting below error.我有管理员访问权限,因此我遇到了以下错误。
(AccessDenied) when calling the PutMetricAlarm operation: User: arn:aws:sts::xxx:assumed-role/lambdaEC2fullaccess/StopEc2 is not authorized to perform: iam:CreateServiceLinkedRole on resource: arn:aws:iam::xxx:role/aws-service-role/events.amazonaws.com/AWSServiceRoleForCloudWatchEvents"
1 个解决方案
解决方案1
4 2020-09-22 10:21:05
From your screenshot, it appears that the AmazonEC2FullAccess role is for EC2 instance , not lambda. You can verify this by going into the IAM console, clicking on the AmazonEC2FullAccess and checking its trust relationship .从您的屏幕截图来看, AmazonEC2FullAccess角色似乎是针对 EC2 实例,而不是 lambda。您可以通过进入 IAM 控制台,单击AmazonEC2FullAccess并检查其信任关系来验证这一点。
If the trust policy is for instance, it will look like:例如,如果信任策略是这样的,它将如下所示:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
However, IAM trust policy for lambda should look like:但是, lambda 的 IAM 信任策略应如下所示:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
You can edit the trust policy, and refresh your lambda console window. Or you can create new role for lambda from the beginning.您可以编辑信任策略,并刷新您的 lambda 控制台 window。或者您可以从头开始为 lambda 创建新角色。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.