【发布时间】:2020-12-26 02:17:38
【问题描述】:
AWS Chalice 所需的 IAM 角色策略是什么。
Github 里没有官方文档?
运行AWS Chalice需要什么权限?
【问题讨论】:
标签: python aws-lambda amazon-iam chalice
【发布时间】:2020-12-26 02:17:38
【问题描述】:
截至 2020 年 7 月 9 日,Github 上没有官方文档,并且有一个 Open issue on documentation regarding IAM。
所需的权限是,
- API 网关
- IAM
- 拉姆达
对我有用的政策,
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1471020565000",
"Effect": "Allow",
"Action": [
"iam:AttachRolePolicy",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:CreateRole",
"iam:PutRolePolicy",
"iam:GetRole",
"iam:PassRole"
],
"Resource": [
"*"
]
},
{
"Sid": "Stmt1471020565001",
"Effect": "Allow",
"Action": [
"apigateway:GET",
"apigateway:HEAD",
"apigateway:POST"
],
"Resource": [
"arn:aws:apigateway:ap-south-1::/restapis",
"arn:aws:apigateway:ap-south-1::/restapis/*/resources",
"arn:aws:apigateway:ap-south-1::/restapis/*/resources/*"
]
},
{
"Sid": "Stmt1471020565002",
"Effect": "Allow",
"Action": [
"apigateway:DELETE"
],
"Resource": [
"arn:aws:apigateway:ap-south-1::/restapis/*/resources/*"
]
},
{
"Sid": "Stmt1471020565003",
"Effect": "Allow",
"Action": [
"apigateway:POST"
],
"Resource": [
"arn:aws:apigateway:ap-south-1::/restapis/*/deployments",
"arn:aws:apigateway:ap-south-1::/restapis/*/resources/*"
]
},
{
"Sid": "Stmt1471020565004",
"Effect": "Allow",
"Action": [
"apigateway:PUT"
],
"Resource": [
"arn:aws:apigateway:ap-south-1::/restapis/*/methods/GET",
"arn:aws:apigateway:ap-south-1::/restapis/*/methods/GET/*",
"arn:aws:apigateway:ap-south-1::/restapis/*/methods/POST",
"arn:aws:apigateway:ap-south-1::/restapis/*/methods/POST/*",
"arn:aws:apigateway:ap-south-1::/restapis/*/methods/PUT",
"arn:aws:apigateway:ap-south-1::/restapis/*/methods/PUT/*"
]
},
{
"Sid": "Stmt1471020565005",
"Effect": "Allow",
"Action": [
"apigateway:PATCH"
],
"Resource": [
"arn:aws:apigateway:ap-south-1::/restapis/*"
]
},
{
"Effect": "Allow",
"Action": "lambda:*",
"Resource": "*"
}
]
}
【讨论】: