【Question title】: User is not authorized to perform: dynamodb:CreateTable on resource:
【Posted】: 2020-10-31 20:32:14
【Question】:

When I try to run the lambda function register, which queries the table example_user, it throws the error below. My code only tries to get data from the table example_user; it does not create any table.

{"errorType":"Runtime.UnhandledPromiseRejection","errorMessage":"AccessDeniedException: User: arn:aws:sts::577777777777:assumed-role/example-user-api-dev-ap-southeast-1-lambdaRole/example-user-api-dev-register is not authorized to perform: dynamodb:CreateTable on resource: arn:aws:dynamodb:ap-southeast-1:577777777777:table/example_user","reason":{"errorType":"AccessDeniedException","errorMessage":"User: arn:aws:sts::577777777777:assumed-role/example-user-api-dev-ap-southeast-1-lambdaRole/example-user-api-dev-register is not authorized to perform: dynamodb:CreateTable on resource: arn:aws:dynamodb:ap-southeast-1:577777777777:table/example_user"

The error is thrown after the log line "13 UserController with email".

Here is my code:

User.js

const dynamoose = require("dynamoose");

// Schema for items in the example_user table.
const schema = new dynamoose.Schema({
    "email": String,
    "uid": String,
    "name": String,
    "gender": {
        "type": Number,
        "default": 0
    },
    "profileImageType": {
        "type": Number,
        "default": 0
    },
    "profileImage": String,
    "accountType": Number,
}, {
    "saveUnknown": true,
    "timestamps": true
});

module.exports = dynamoose.model('example_user', schema);

UserController.js

const User = require("./User.js");

// Fetch the profile stored under the given email; returns the item or false.
exports.getProfile = async function(email, res) {
  console.log("13 UserController with email " + email);
  const profile = await User.get(email);
  console.log("15 profile");
  console.log(profile);
  if (profile) {
    return profile;
  } else {
    return false;
  }
};

Below is a snippet from my serverless.yml file:

iamRoleStatements:
    - Effect: "Allow"
      Action:
        - "s3:*"
      Resource: 
        - "arn:aws:s3:::profiles.example.app/*"
    - Effect: "Allow"
      Action:
        - dynamodb:Query
        - dynamodb:Scan
        - dynamodb:GetItem
        - dynamodb:PutItem
        - dynamodb:UpdateItem
        - dynamodb:DeleteItem
      Resource: 
        - "arn:aws:dynamodb:ap-southeast-1:577777777777:table/example_user"

【Discussion】:

    Tags: aws-lambda amazon-dynamodb serverless-framework dynamoose


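    【Solution 1】:

    You should be able to use dynamoose.model('example_user', schema, {"create": false}) to avoid creating the table: https://dynamoosejs.com/guide/Model/

    【Comments】:

    • Yes, I know there is no dynamodb:CreateTable, but do I really need it? I'm not creating any table in my code.
    • @imin Not an expert on dynamoose, but Dynamoose will create the table at your dynamoose.model line if the table example_user has not been created yet. github.com/dynamoose/dynamoose/blob/master/lib/Model/…
    • Thanks for the reply, LostJon; I added CreateTable, and now the error I get is "Table already exists".
    • @imin That is so frustrating... it is definitely something with the dynamoose package. You should be able to do dynamoose.model('example_user', schema, {"create": false}) to get rid of all this: dynamoosejs.com/guide/Model
    • Thanks LostJon, I had actually been to that page, but my quick read seems to have skipped that part, haha. Can you post your comment above as an answer? Then I'll accept it.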