【发布时间】:2020-11-10 04:24:38
【问题描述】:
我正在使用 S3 上传管理器将一个大文件上传到 S3。
if _, err := uploader.UploadWithContext(ctx, &s3manager.UploadInput{
Bucket: aws.String(s.Config.GetS3ExportBucket()),
Key: aws.String(key),
Body: bytes.NewReader(buf.Bytes()),
ContentEncoding: aws.String("gzip"),
ContentType: aws.String("application/json"),
}); err != nil {
return fmt.Errorf("failed to upload file, %w", err)
}
根据this AWS 文档,我也为我的 lambda 提供了权限。
#Created Policy for IAM Role
resource "aws_iam_policy" "s3_write_policy" {
name = "${local.namespace}-s3-write-access"
description = "Allow Lambda to access s3 where back will be written"
policy = data.aws_iam_policy_document.s3_write_policy.json
}
data "aws_iam_policy_document" "s3_write_policy" {
statement {
sid = "WriteObjectActions"
effect = "Allow"
actions = [
"s3:AbortMultipartUpload",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:PutObject",]
resources = [
aws_s3_bucket.db_export.arn]
}
}
但是,我不断收到来自 S3 的拒绝访问错误。
【问题讨论】:
-
如果没有看到您要放入的 URL 和资源字符串,就不可能看到您是正确的。用 URL 和资源字符串替换敏感部分并重新发布。
标签: amazon-web-services go amazon-s3 aws-lambda terraform