Lambda函数->手动访问Api Gateway阶段变量权限 [英] Lambda function -> Api Gateway stage variable permission manually

问题描述

您将Lambda函数定义为阶段变量；你必须 手动授予您将要使用的所有功能的权限.你可以 为此，请针对每个功能运行以下AWS CLI命令， 将function-name参数中的stage变量替换为 必要的功能名称.

You defined your Lambda function as a stage variable; you must manually give permissions to all the functions you will use. You can do this by running the below AWS CLI command for each function, replacing the stage variable in the function-name parameter with the necessary function name.

aws lambda add-permission --function-name arn:aws:lambda:eu-west-1:12345:function:test${stageVariables.functionAlias} --source-arn arn:aws:execute-api:eu-west-1:12345:dsad667asd/*/GET/test/test --principal apigateway.amazonaws.com --statement-id d5a14508-22bb-4413-87c9-d9715e36435d --action lambda:InvokeFunction

获取此消息和建议以运行此命令，不幸的是，在这里抛出此命令不起作用

Getting this message and suggestion to run this command , unfortunately it does not work here throwing

zsh: bad substitution

不管有没有zsh，我正在寻找的是一种手动完成此操作的方法(使用aws界面)

with or without zsh, what I am looking is a way to do this manualy (using aws interface)

谢谢！

推荐答案

您是否在命令中保留了"$ {stageVariables.functionAlias}"?此命令的--function-name参数需要遵循以下格式的有效的完全限定或部分lambda函数ARN:

Did you leave the "${stageVariables.functionAlias}" in your command? The --function-name parameter of this command needs to a valid fully-qualified or partial lambda function ARN following the pattern of:

(arn:aws:lambda:[region]:[account-id]:function:)[function-name](:[function-alias])

根据需要替换region，account-id，function-name和function-alias.

Where region, account-id, function-name and function-alias are substituted as appropriate.

如果您的函数与发出命令的用户位于同一帐户和区域中，而您只想参考$LATEST函数版本，则仅指定函数名称将是完全有效的，并节省了一些击键:/p>

If your function is in the same account and region as the user issuing the command, and you simply want to refer to the $LATEST function version, specifying just the function name would be perfectly valid and save a few keystrokes:

aws lambda add-permission --function-name test --source-arn arn:aws:execute-api:eu-west-1:12345:dsad667asd/*/GET/test/test --principal apigateway.amazonaws.com --statement-id d5a14508-22bb-4413-87c9-d9715e36435d --action lambda:InvokeFunction

有关使用aws lambda add-permission CLI命令的信息，请参阅此文档:

See this document on usage of the aws lambda add-permission CLI command: http://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html

这篇关于Lambda函数->手动访问Api Gateway阶段变量权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！