如何从 Lambda 获得对 EFS 的写访问权限? [英] How do I get write access to EFS from Lambda?

问题描述

我创建了一个 lambda 函数.我使用所有默认设置创建了一个弹性文件系统 (EFS) 和访问点.我将 EFS 附加到 lambda 函数，同样只使用默认值.

I've created a lambda function. I created a Elastic File System (EFS) and access points using all the default settings. I attached the EFS to the lambda function, again just using the defaults.

但是！没有对 EFS 的写访问权限.

But! There is no write access to EFS.

我错过了什么?

希望有好心人知道:)

注意事项....

当前的答案似乎不起作用.我也已经使用 AWS 支持一个多星期了.他们似乎认为 EFS 没有安装.

EFS 挂载到 lambda =/mnt/fs

EFS is mounted to lambda at = /mnt/fs

EFS 访问点 - 根目录路径 =/(将其更改为/fs 的建议会导致内部服务器错误，AWS 支持建议的/mnt/fs 也会导致内部服务错误).

EFS Access point - Root Directory Path = / (A suggestion of changing this to /fs causes an internal server error, AWS support suggested /mnt/fs which also causes an internal service error).

AmazonElasticFileSystemClientFullAccess 和 AWSLambdaVPCAccessExecutionRole 添加到执行角色.

AmazonElasticFileSystemClientFullAccess and AWSLambdaVPCAccessExecutionRole added to execution role.

测试节点js示例:

exports.handler = function(event, ctx, callback) {
    const fs = require("fs");
    fs.mkdir('/mnt/fs/newfolder', { recursive: true }, (err) => {
        callback(null, {
            statusCode: 200,
            "content-type": "text/html",
            body: (err || "ok").toString()
        })
    });
};

推荐答案

您的 Lambda 执行角色必须附加 AmazonElasticFileSystemClientFullAccess，才能编写 EFS.

Your Lambda execution role must have AmazonElasticFileSystemClientFullAccess attached to it, to write EFS.

要添加，请转到 Lambda >许可执行角色并点击角色名称.

To Add, Go to Lambda > Permission > Execution role and click on the role name.

现在，角色将被打开，点击权限下的添加策略并添加AmazonElasticFileSystemClientFullAccess和AWSLambdaVPCAccessExecutionRole

Now, the role will get opened,Click on Add Policy under permissions and add AmazonElasticFileSystemClientFullAccess and AWSLambdaVPCAccessExecutionRole

还要验证您是否正确设置了根目录路径和挂载Lambda 中的点 &EFS 接入点.

Also verify if you have properly set root directory path and mount point in Lambda & EFS Access point.

如果 lambda 文件系统中的挂载点是 /mnt/fs/ 那么你在 Access point 中的根目录路径必须是 /fs

If mount point in lambda File System is /mnt/fs/ then your Root directory path in Access point must be /fs

这篇关于如何从 Lambda 获得对 EFS 的写访问权限?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！