允许Lambda访问无服务器配置中的特定s3存储桶 [英] Allow lambda to access particular s3 bucket in serverless config
本文介绍了允许Lambda访问无服务器配置中的特定s3存储桶的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
如何允许特定的lambda访问serverless.yml中的特定s3存储桶?
How can I allow specific lambda to access to a particular s3 bucket in the serverless.yml?
例如,我正在使用无服务器将文件上传功能移植到lambda.要将文件上传到特定的s3存储桶,我需要允许lambda访问该s3存储桶.如何在serverless.yml中做到这一点?
For example, I am porting file upload functionality to lambda by using serverless. To upload a file to a particular s3 bucket, I need to allow lambda to access to that s3 bucket. How can I do this in the serverless.yml?
推荐答案
要向此服务范围的角色添加特定权限,请在
provider.iamRoleStatements
中定义将合并到生成的策略中的语句.
To add specific rights to this service-wide Role, define statements in
provider.iamRoleStatements
which will be merged into the generated policy.
service: new-service
provider:
name: aws
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:PutObject"
Resource:
Fn::Join:
- ""
- - "arn:aws:s3:::"
- Ref: ServerlessDeploymentBucket
这篇关于允许Lambda访问无服务器配置中的特定s3存储桶的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文