我试图使用lambda将json blob放入S3 bucket中,但在查看cloudwatch日志时,我得到了以下错误信息。
[ERROR] ClientError: An error occurred (AccessDenied) when calling the PutObject operation: Access Denied
Traceback (most recent call last):
File "/var/task/main.py", line 147, in lambda_handler
save_articles_and_comments(sub, submissions)
File "/var/task/main.py", line 125, in save_articles_and_comments
object.put(Body=json.dumps(articles))
File "/var/task/boto3/resources/factory.py", line 520, in do_action
response = action(self, *args, **kwargs)
File "/var/task/boto3/resources/action.py", line 83, in __call__
response = getattr(parent.meta.client, operation_name)(*args, **params)
File "/var/task/botocore/client.py", line 316, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/var/task/botocore/client.py", line 635, in _make_api_call
raise error_class(parsed_response, operation_name)
所有的块公共访问设置都被设置为 "关闭",代码中的 bucket 名称与 S3 中的相同。这是将json blob放入S3 bucket和lambda处理程序的代码。
def save_articles_and_comments(sub, submissions):
"""
"""
s3 = boto3.resource('s3')
now = dt.datetime.utcnow()
formatted_date = now.strftime("%Y-%m-%d-%H-%M-%S")
articles, comments = data_for_subreddit(submissions)
print("Number of articles, comments {}, {}".format(len(articles), len(comments)))
articles_name = 'articles/' + formatted_date + '_' + sub + '_articles.json'
comments_name = 'comments/' + formatted_date + '_' + sub + '_comments.json'
object = s3.Object('diegos-reddit-bucket', articles_name)
object.put(Body=json.dumps(articles))
print("Finished writing articles to {}".format(articles_name))
object = s3.Object('diegos-reddit-bucket', comments_name)
object.put(Body=json.dumps(comments))
print("Finished writing comments to {}".format(comments_name))
def lambda_handler(x, y):
"""
"""
import time
import random
idx = random.randint(0, len(SUBREDDITS)-1)
start = time.time()
assert PRAW_KEY is not None
sub = SUBREDDITS[idx]
red = reddit_instance()
subreddit = red.subreddit(sub)
print("Pulling posts from {}, {}.".format(sub, "hot"))
submissions = subreddit.hot()
save_articles_and_comments(sub, submissions)
print("="*50)
print("Pulling posts from {}, {}.".format(sub, "new"))
submissions = subreddit.new()
save_articles_and_comments(sub, submissions)
print("="*50)
print("Pulling posts from {}, {}.".format(sub, "top"))
submissions = subreddit.top()
save_articles_and_comments(sub, submissions)
print("="*50)
print("Pulling posts from {}, {}.".format(sub, "rising"))
submissions = subreddit.rising()
save_articles_and_comments(sub, submissions)
end = time.time()
print("Elapsed time {}".format(end - start))
我不知道代码中的问题是什么,所以才会出现上述错误,我把我的lambda_handler函数换成了main,在本地测试。有了main,它就能正常工作,并写入S3 bucket和它所尊重的文件夹。当我尝试通过AWS Lambda运行时,在函数完成从第一个subreddit拉取帖子并试图将json blob放入S3 bucket中的文件夹后,我得到了上述错误。这是我的输出应该是这样的
Pulling posts from StockMarket, hot.
Number of articles, comments 101, 909
Finished writing articles to articles/2020-06-03-02-48-44_StockMarket_articles.json
Finished writing comments to comments/2020-06-03-02-48-44_StockMarket_comments.json
==================================================
Pulling posts from StockMarket, new.
Number of articles, comments 101, 778
Finished writing articles to articles/2020-06-03-02-49-10_StockMarket_articles.json
Finished writing comments to comments/2020-06-03-02-49-10_StockMarket_comments.json
==================================================
Pulling posts from StockMarket, top.
Number of articles, comments 101, 5116
Finished writing articles to articles/2020-06-03-02-49-36_StockMarket_articles.json
Finished writing comments to comments/2020-06-03-02-49-36_StockMarket_comments.json
==================================================
Pulling posts from StockMarket, rising.
Number of articles, comments 24, 170
Finished writing articles to articles/2020-06-03-02-52-10_StockMarket_articles.json
Finished writing comments to comments/2020-06-03-02-52-10_StockMarket_comments.json
Elapsed time 215.6588649749756
是我的代码有问题,还是AWS方面的问题?
出现问题的原因是您有 无权限 将对象写入桶中。
PutObject 操作。拒绝访问
要想纠正这个问题,得看看以下几点 兰姆达执行角色:它是否有权限写入S3?也可以检查桶策略。
主它工作,并写入S3 bucket及其尊重的文件夹。当我尝试并通过AWS Lambda运行时,我得到了上述错误信息
当你在本地测试时,你的代码使用的是 自己的权限 (你的IAM用户)写到S3。这样就可以了。当你在lambda上执行代码时,你的函数不使用你的权限。相反,它使用定义在 兰姆达执行角色.