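AWS Lambda - Copying an object with a different name: Access Denied

Time: 2017-05-19 08:09:10

Tags: amazon-web-services aws-lambda

I am new to AWS. I use a CloudWatch Event to copy a file every day, which invokes a Lambda function. This Lambda function works well and copies the file from one bucket to another. However, it keeps exactly the same file name. I tried to add a date at the beginning of the file name, but I get Access Denied.

The working Lambda function: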

var AWS = require("aws-sdk");

exports.handler = (event, context, callback) => {

    var s3 = new AWS.S3();
    var sourceBucket = "bucket1";
    var destinationBucket = "bucket2";
    var objectKey = "file.csv";
    // CopySource is "<source bucket>/<source key>", URL-encoded
    var copySource = encodeURI(sourceBucket + "/" + objectKey);
    // Key is the name the object gets in the destination bucket
    var copyParams = { Bucket: destinationBucket, CopySource: copySource, Key: objectKey };

    s3.copyObject(copyParams, function(err, data) {
        if (err) {
            console.log(err, err.stack);
            // Report the failure to Lambda instead of ending silently
            callback(err);
        } else {
            console.log("S3 object copy successful.");
            callback(null, data);
        }
    });
};

Lambda role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": [
                "arn bucket 1/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": [
                "arn bucket 2/*"
            ]
        }
    ]
}

Error received:

2017-05-19T08:34:01.059Z    e7962caa-3c6d-11e7-bd30-db47f297ea83    { AccessDenied: Access Denied
    at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/services/s3.js:539:35)
    at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
    at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
    at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:673:14)
    at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:675:12)
    at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:115:18)
  message: 'Access Denied',
  code: 'AccessDenied',
  region: null,

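I want to change the name of the copied file. Also, I see that with the CloudWatch event, the file is replaced every time the event is invoked. Is there a way to create a new file each time and keep all versions?

Thanks.

1 answer:

Answer 0: (score: 0)

Check whether enabling version history on the bucket fits your use case. As for the error you are facing, can you add the error response to the question?

Is there any reason the region is null in the error response? Have you configured the S3 client correctly? The permissions seem fine; it does not look like a permissions issue.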
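An added example, not part of the original question or answer: a date-prefixed copy in which only the destination `Key` changes and `CopySource` still names the object as it exists in the source bucket. This matters for the error above because S3 answers a request for a nonexistent source key with `AccessDenied` rather than `NoSuchKey` when the role has no `s3:ListBucket` on that bucket, and the posted role grants only `s3:GetObject` and `s3:PutObject`. The function names, the `_` separator and the sample keys are assumptions; `s3` is any client exposing `copyObject(params, cb)`, such as `new AWS.S3()`.

```javascript
// Added example: function names, separator and sample values are assumptions.

// "YYYY-MM-DD" in UTC, so the name does not depend on the Lambda's timezone.
function datePrefix(date) {
    return date.toISOString().slice(0, 10);
}

// Only Key (the destination name) gets the date prefix.
// CopySource must keep the name the object has in the source bucket.
function buildCopyParams(sourceBucket, destinationBucket, objectKey, date) {
    // Encode each path segment: "/" separators survive, spaces etc. are escaped.
    var encodedKey = objectKey.split("/").map(encodeURIComponent).join("/");
    // Keep any folder part and prefix only the file name.
    var slash = objectKey.lastIndexOf("/");
    var folder = objectKey.slice(0, slash + 1);
    var file = objectKey.slice(slash + 1);
    return {
        Bucket: destinationBucket,
        CopySource: sourceBucket + "/" + encodedKey,
        Key: folder + datePrefix(date) + "_" + file
    };
}

// Runs the copy and hands the new key (or the error) to the callback.
function copyWithDatePrefix(s3, sourceBucket, destinationBucket, objectKey, date, callback) {
    var params = buildCopyParams(sourceBucket, destinationBucket, objectKey, date);
    s3.copyObject(params, function (err, data) {
        if (err) {
            // Log both sides so a 403 can be tied to the source read or the destination write.
            console.log("copy failed", params.CopySource, "->", params.Key, err.code);
            return callback(err);
        }
        callback(null, params.Key);
    });
}
```

With a daily trigger, each run writes a new key such as `2017-05-19_file.csv`, so earlier copies are not overwritten.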