英文:
Serverless Framework is not applying the IAM statements
问题
我有一个非常简单的Lambda函数,用于监听MQTT主题上的事件,这部分运行得很完美。然而,该函数无法发布到另一个主题,这不符合预期。
我在Serverless Framework配置中添加了必要的IAM角色和语句。然而,当我在AWS控制台中检查时,我注意到这些角色没有被应用。我做错了什么?
英文:
I have a very simple Lambda function that listens for events on an MQTT topic, and that part is working perfectly. However, the function is not able to publish to another topic, which is not working as expected.
I added the necessary IAM roles and statements in my Serverless Framework configuration. However, when I checked in the AWS Console, I noticed that these roles are not being applied. What did I do wrong?
functions:
receiver:
handler: app/receiver/handle.handler
statements:
- Effect: Allow
Action:
- iot:Publish
Resource:
- arn:aws:iot:us-east-1:295119111913:topic/sdk/test/js
events:
- iot:
sql: "SELECT encode(*, 'base64') AS data FROM 'sdk/test/python'"
sqlVersion: '2016-03-23'
答案1
得分: 1
你尝试添加语句的方式不受 Serverless Framework 支持。如果您只想将这些语句添加到单个 Lambda 函数中,您需要使用 https://github.com/functionalone/serverless-iam-roles-per-function 插件,并使用 iamRoleStatements 属性。如果您想将这些语句添加到默认角色中,您可以按照此文档中的说明进行操作:https://www.serverless.com/framework/docs/providers/aws/guide/iam#the-default-iam-role
英文:
The way you're trying to add statements is not supported by Serverless Framework. If you'd like to add those statements only to a single Lambda function, you will need https://github.com/functionalone/serverless-iam-roles-per-function plugin and use iamRoleStatements property. If you want to add those statements to the default role, you can do it as presented in docs here: https://www.serverless.com/framework/docs/providers/aws/guide/iam#the-default-iam-role
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论