【发布时间】:2018-07-04 12:00:59
【问题描述】:
我正在尝试按照https://github.com/alexa/skill-sample-nodejs-fact 中的说明建立事实技能。
克隆存储库,初始化 ASK CLI 并安装 npm 依赖项。
然后我尝试通过运行命令 ask deploy 一步部署技能和 lambda 函数。但它显示AccessDeniedException。请帮我解决问题
-------------------- Create Skill Project --------------------
Profile for the deployment: [default] Skill Id: amzn1.ask.skill.1234ab-1234
Skill deployment finished. Model deployment finished. Create Lambda error. AccessDeniedException: User: arn:aws:iam::12345678:user/ASK_CLI_USER is not authorized to perform: lambda:CreateFunction on resource: arn:aws:lambda:us-east-1:12345678:function:what_name_you_want_to_name_the_lambda
请注意:
按照以下链接中的说明安装和设置 ASK CLI: https://developer.amazon.com/docs/smapi/quick-start-alexa-skills-kit-command-line-interface.html
按照以下链接中的说明为 Amazon Web Services (AWS) 账户 CLI 设置凭证: https://developer.amazon.com/docs/smapi/set-up-credentials-for-an-amazon-web-services-account.html
-
创建了用户 ASK_CLI_USER 并创建了具有权限的新策略
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iam:CreateRole", "iam:GetRole", "iam:AttachRolePolicy", "iam:PassRole" ], "Resource": "arn:aws:iam:::role/ask-" }, { "Effect": "Allow", "Action": [ "lambda:AddPermission", "lambda:CreateFunction", "lambda:GetFunction", "lambda:UpdateFunctionCode", "lambda:ListFunctions" ], "Resource": "arn:aws:lambda:::function:ask-" }, { "Effect": "Allow", "Action": [ "logs:FilterLogEvents", "logs:getLogEvents", "logs:describeLogStreams" ], "Resource": "arn:aws:logs:::log-group:/aws/lambda/ask-" } ] }
【问题讨论】:
标签: alexa