[英]AWS timestream-write gets "An error occurred (AccessDeniedException) when calling the DescribeEndpoints operation: This operation is not allowed."
I am experimenting the AWS SDK for python to access Timestream.我正在为 python 试验 AWS SDK 以访问 Timestream。 I tried their in house example code from the repository and I wrote my own code to create a database:
我从存储库中尝试了他们的内部示例代码,并编写了自己的代码来创建数据库:
import boto3
from botocore.config import Config
client = boto3.client('timestream-write')
response = client.create_database(DatabaseName='test')
Both sample code and my own code got the following error:示例代码和我自己的代码都出现了以下错误:
AccessDeniedException: An error occurred (AccessDeniedException) when calling the DescribeEndpoints operation: This operation is not allowed.
AccessDeniedException:调用 DescribeEndpoints 操作时发生错误(AccessDeniedException):不允许执行此操作。
I googled a bit, but I could not find any information about it.我用谷歌搜索了一下,但找不到有关它的任何信息。 Thanks!
谢谢!
Timestream is currently only available in a handful of regions. Timestream 目前仅在少数几个地区可用。 Make sure the boto3 region configuration set the correct region to those eligible ones.
确保 boto3 区域配置将正确的区域设置为符合条件的区域。
The credentials that you are using to interact with Timestream should use an IAM role that has has either an AWS managed policy or a custom policy that allow you to call timestream:DescribeEndpoints.您用于与 Timestream 交互的凭证应使用 IAM 角色,该角色具有 AWS 托管策略或允许您调用 timestream:DescribeEndpoints 的自定义策略。 See this page for an example: https://docs.aws.amazon.com/timestream/latest/developerguide/security_iam_id-based-policy-examples.html
有关示例,请参见此页面: https://docs.aws.amazon.com/timestream/latest/developerguide/security_iam_id-based-policy-examples.html
Assuming you configured your environment to use the AWS CLI and ran aws configure
, the IAM User that is tied to those credentials should be granted timestream:DescribeEndpoints.假设您将环境配置为使用 AWS CLI 并运行
aws configure
,那么与这些凭证绑定的 IAM 用户应该被授予 timestream:DescribeEndpoints。 https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html
You may have gotten this permissions error because you are missing TableName, which is a required parameter.您可能会收到此权限错误,因为您缺少 TableName,这是一个必需的参数。 https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateTable.html
https://docs.aws.amazon.com/timestream/latest/developerguide/API_CreateTable.html
in your iam role add this permission policy在您的 iam 角色中添加此权限策略
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"timestream:DescribeEndpoints"
],
"Resource": "*"
}
] }
DescribeEndpoints is called bt sdk in case you defined endpoints interface like this in your vpc query-cell2.timestream..amazonaws.com. DescribeEndpoints 称为 bt sdk,以防您在 vpc query-cell2.timestream..amazonaws.com 中定义这样的端点接口。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.