如何解决无服务器IAM权限问题

时间:2016-06-12 21:38:13

标签: amazon-web-services aws-lambda amazon-iam serverless-framework

在OSX 10.11 Node v4.4.5 NPM 3.9.5上设置Serverless 0.5.6之后,我运行了 无服务器项目安装serverless-graphql-blog 并为新配置文件提供IAM凭据,我得到:

    Serverless: Deploying resources to stage "dev" in region "us-west-2" via Cloudformation (~3 minutes)...  
    /Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/async.js:61
            fn = function () { throw arg; };
                               ^

    ServerlessError: ServerlessError: The security token included in the request is invalid.
        at new ServerlessError (/Users/mac/.npm-packages/lib/node_modules/serverless/lib/Error.js:17:11)
        at ResourcesDeploy. (/Users/mac/.npm-packages/lib/node_modules/serverless/lib/actions/ResourcesDeploy.js:241:25)
        at ResourcesDeploy.tryCatcher (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/util.js:16:23)
        at Promise._settlePromiseFromHandler (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/promise.js:502:31)
        at Promise._settlePromise (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/promise.js:559:18)
        at Promise._settlePromise0 (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/promise.js:604:10)
        at Promise._settlePromises (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/promise.js:679:18)
        at Async._drainQueue (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/async.js:138:16)
        at Async._drainQueues (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/async.js:148:10)
        at Immediate.Async.drainQueues [as _onImmediate] (/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/async.js:17:14)
        at processImmediate [as _immediateCallback] (timers.js:383:17)
    macs-MacBook-Pro-4:blog mac$ node -v

当我使用现有的凭证时,我得到:

/Users/mac/.npm-packages/lib/node_modules/serverless/node_modules/bluebird/js/release/async.js:61
        fn = function () { throw arg; };
                           ^

ServerlessError: ServerlessError: User: arn:aws:iam::...:user/...@gmail.com 
is not authorized to perform: cloudformation:DescribeStackResources on 
resource: arn:aws:cloudformation:us-west-2:495629083449:stack/serverless-starter-dev-r/*

问题:如何解决安全令牌的问题? 是否有一个冗长的选项,我可以"购买元音"?

1 个答案:

答案 0 :(得分:1)

Wilson Mar,

我认为Serveless Framework正在使用你的aws cli配置。您的主路径上有一个文件(/home/xxx/.aws/credentials),用于存储您的AWS凭据。可能你的凭证没有使用云形成的权限。(无服务使用云形成广泛) cloudformation:DescribeStackResources。

您必须向用户授予权限(添加asws策略)才能对云形成执行操作。

相关问题
最新问题