堆棧內存溢出
  簡體   English   中英

AWS AccessDeniedException elastictranscoder:CreateJob

[英]AWS AccessDeniedException elastictranscoder:CreateJob

 原文  2016-06-09 18:50:55       amazon-web-services/ amazon-s3/ amazon-iam/ aws-lambda

問題描述

我正在嘗試使用Lambda函數來觸發Elastic Transcoder作業,但我一直收到以下錯誤消息: 

AccessDeniedException: User: arn:aws:sts::xxx:assumed-role/xxxx/xxx is not authorized to perform: elastictranscoder:CreateJob on resource: arn:aws:elastictranscoder:xxxxx:pipeline/xxxxx

我的IAM用戶策略涵蓋了所有訪問要求: 

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "Stmt1465486106000",
        "Effect": "Allow",
        "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:GetLogEvents",
            "logs:PutLogEvents",
            "logs:DescribeLogStreams"
        ],
        "Resource": [
            "arn:aws:logs:*:*:*"
        ]
    },
    {
        "Sid": "1",
        "Effect": "Allow",
        "Action": [
            "s3:Put*",
            "s3:ListBucket",
            "s3:*MultipartUpload*",
            "s3:Get*"
        ],
        "Resource": "*"
    },
    {
        "Sid": "2",
        "Effect": "Allow",
        "Action": "sns:Publish",
        "Resource": "*"
    },
    {
        "Sid": "3",
        "Effect": "Deny",
        "Action": [
            "s3:*Delete*",
            "s3:*Policy*",
            "sns:*Remove*",
            "sns:*Delete*",
            "sns:*Permission*"
        ],
        "Resource": "*"
    }
]
}

為什么會出現AccessDeniedException ,該如何解決?

2 個解決方案

解決方案1
 3 已采納  2016-06-09 19:07:47

將您的政策更改為以下內容,然后嘗試即可 

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "Stmt1465486106000",
        "Effect": "Allow",
        "Action": [

            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:GetLogEvents",
            "logs:PutLogEvents",
            "logs:DescribeLogStreams"
        ],
        "Resource": [
            "arn:aws:logs:*:*:*"
        ]
    },
    {
        "Sid": "1",
        "Effect": "Allow",
        "Action": [
            "elastictranscoder:*",
            "s3:Put*",
            "s3:ListBucket",
            "s3:*MultipartUpload*",
            "s3:Get*"
        ],
        "Resource": "*"
    },
    {
        "Sid": "2",
        "Effect": "Allow",
        "Action": "sns:Publish",
        "Resource": "*"
    },
    {
        "Sid": "3",
        "Effect": "Deny",
        "Action": [
            "s3:*Delete*",
            "s3:*Policy*",
            "sns:*Remove*",
            "sns:*Delete*",
            "sns:*Permission*"
        ],
        "Resource": "*"
    }
]
}

解決方案2
 3  2018-04-05 21:36:47

您不需要通過編輯更改json。 首先,確定您要編輯哪個角色? 

1-) Click Permisson http://prntscr.com/j1giww 
2-) see the role name http://prntscr.com/j1gj6s 
3-) go to IAM Roles 
4-) select the roles that you see at step 2
5-) edit policy and add Transcoder Full Access ( Or selected access )

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 AWS :: ElasticTranscoder ::錯誤:: AccessDeniedException異常 AWS編碼器PHP CreateJob 無法加載此類文件 -- aws-sdk-elastictranscoder> AWS Lambda 部署 - AccessDeniedException AWS:ssm:GetParameters AccessDeniedException AWS Glue 給出 AccessDeniedException Amazon AWS Elastic Transcode createJob和readJob不返回Input DetectedProperties數據 適用於S3的Laravel的AWS AccessDeniedException AWS StateMachine AccessDeniedException 步驟:CleanUpOnError 使用 AWS SDK 的 Lambda 上的 AWS SAM AccessDeniedException
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM