amazon web services - AccessDeniedException: User is not authorized to perform: lambda:InvokeFunction -

-

i'm trying invoke lambda function node.

var aws = require('aws-sdk'); var lambda = new aws.lambda({     accesskeyid: 'id',     secretaccesskey: 'key',     region: 'us-west-2' });  lambda.invoke({     functionname: 'test1',     payload: json.stringify({         key1: 'arjun',         key2: 'kom',         key3: 'ath'     }) }, function(err, data) {     if (err) console.log(err, err.stack);     else     console.log(data); });

the keys iam user. user has awslambdaexecute , awslambdabasicexecutionrole policies attached.

i permission error: accessdeniedexception: user: arn:aws:iam::1221321312:user/cli not authorized perform: lambda:invokefunction on resource: arn:aws:lambda:us-west-2:1221321312:function:test1

i read docs , several blogs, i'm unable authorise user invoke lambda function. how user invoke lambda?

thanks.

the awslambdaexecute , awslambdabasicexecutionrole not provide permissions being expressed in error. both of these managed policies designed attached lambda function itself, it runs these policies.

the error saying user under nodejs program running not have rights start lambda function.

you need give iam user lambda:invokefunction permission:

  1. find user in iam management console , click it.
  2. on "permissions" tab, expand "inline policies" section , click "click here" link add policy".
  3. select "custom policy".
  4. give policy name. can anything.
  5. put policy in policy document field.

sample policy:

{     "version": "2012-10-17",     "statement": [         {             "sid": "stmt1464440182000",             "effect": "allow",             "action": [                 "lambda:invokeasync",                 "lambda:invokefunction"             ],             "resource": [                 "*"             ]         }     ] }

in policy, have included both methods invoke lambda methods.

update:

there iam managed policy named awslambdarole can assign iam user or iam role. should give permissions need.


Comments

Post a Comment

Popular posts from this blog

ios - RestKit 0.20 — CoreData: error: Failed to call designated initializer on NSManagedObject class (again) -

-
this error has shown on many times, seems. prominent answer issue seems restkit 0.20 — coredata: error: failed call designated initializer on nsmanagedobject class however, solution posted doesn't work me. let's start beginning: i want upload file server. want parse response make sure uploaded. if not, try again later. model has boolean variable called nsnumber *senttoserver purpose (in coredata, bool saved nsnumber ) . because don't know whether sending going successful, save entity coredata model first before sending via restkit. when post request successful, server returns json string this: {"id":14,"created":true} notice that, of course, id not set on coredata model yet, both id , created new informations model. here's model: @interface recording : nsmanagedobject @property (nonatomic, retain) nsstring * audiofilepath; @property (nonatomic, retain) nsdate * createdat; @property (nonatomic, retain) nsstring * deviceid; @
Read more

java - Digest auth with Spring Security using javaconfig -

-
so i'm trying create digest authentication spring following documentation trying translate xml "requirements" in java requirements. let's have xml in docs: <bean id="digestfilter" class= "org.springframework.security.web.authentication.www.digestauthenticationfilter"> <property name="userdetailsservice" ref="jdbcdaoimpl"/> <property name="authenticationentrypoint" ref="digestentrypoint"/> <property name="usercache" ref="usercache"/> </bean> <bean id="digestentrypoint" class= "org.springframework.security.web.authentication.www.digestauthenticationentrypoint"> <property name="realmname" value="contacts realm via digest authentication"/> <property name="key" value="acegi"/> <property name="noncevalidityseconds" value="10"/> </b
Read more

laravel - PDOException in Connector.php line 55: SQLSTATE[HY000] [1045] Access denied for user 'root'@'localhost' (using password: YES) -

-
my .env: app_env=local app_debug=true app_key=myappkey app_url=http://localhost db_connection=mysql db_host=localhost db_port=3306 db_database=gestiontaller db_username=root db_password='root' cache_driver=file session_driver=file queue_driver=sync redis_host=127.0.0.1 redis_password=null redis_port=6379 mail_driver=smtp mail_host=mailtrap.io mail_port=2525 mail_username=null mail_password=null mail_encryption=null i've tried password ", ' , without, restarting server every time. i've tried changing localhost 172.0.0.1. yes, password correct, running mysql -u root -p introducing password root in prompt can go mysql. users table: +------------------+-----------+ | user | host | +------------------+-----------+ | debian-sys-maint | localhost | | mysql.sys | localhost | | root | localhost | | root1 | localhost | +------------------+-----------+ i've added homestead.yaml this: database_port: 3306
Read more