![](/img/trans.png)
[英]How are environment variables accessed from ".env" file if Django project deployed to AWS from Github?
[英]Aws ElasticSearch is not being accessed from Lambda where as it is being accessed from the localhost
我在 AWS 中部署了一個 ElasticSearch 實例,該實例可通過公共方式訪問。 我可以輕松地在本地主機上查詢數據,但是當我在 Aws lambda 上部署時,出現以下錯誤
消息:'用戶:arn:aws:sts::xxxxxxxx:assumed-role/infrastruct-dev-us-east-2-lambdaRole/zeong-immigration-infrastruct-dev-app 無權執行:es:ESHttpPost 因為沒有基於身份的策略允許 es:ESHttpPost 操作'
這是我的 serverless.yaml
iamRoleStatements:
- Effect: Allow
Action:
- es:ESHttpPost
- es:ESHttpPut
- es:ESHttpDelete
- es:ESHttpGet
Resource:
- {'Fn::GetAtt': ['ElasticSearchInstance', 'DomainArn']}
- {
'Fn::Join':
[
'',
[
'Fn::GetAtt': ['ElasticSearchInstance', 'DomainArn'],
'/*',
],
],
}
Condition:
IpAddress:
aws:SourceIp:
- '0.0.0.0' # Whitelisted IP
resources:
Resources:
ElasticSearchInstance:
Type: AWS::Elasticsearch::Domain
Properties:
EBSOptions:
EBSEnabled: true
VolumeType: gp2
VolumeSize: 10
ElasticsearchClusterConfig:
InstanceType: t2.small.elasticsearch
InstanceCount: 1
DedicatedMasterEnabled: false
ZoneAwarenessEnabled: false
ElasticsearchVersion: 5.3
AccessPolicies:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Principal:
AWS: '*'
Action: 'es:*'
Resource: '*'
Condition:
IpAddress:
aws:SourceIp: ['182.177.251.40', '103.115.199.162']
AdvancedOptions:
rest.action.multi.allow_explicit_index: 'tru
e'
請幫忙
嘗試將您的 ActionPolicies 操作設置為
Action: [
"es:*"
],
好像你忘記了'[]'
在此處查看文檔: https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html
我能夠通過在此處提到的 ElasticSearch 實例中使用主體來解決上述問題
刪除后仍然沒有解決錯誤
Condition:
IpAddress:
aws:SourceIp:
- '0.0.0.0' # Whitelisted IP
從 IamRoleStatements 我能夠解決這個問題
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.