AWS boto3用户:arn:AWS:iam::xxxx:root无权对资源执行:lambda:AddLayerVer

import json
import boto3
client = boto3.client('lambda')
response = client.add_layer_version_permission(
LayerName='arn:aws:lambda:us-east-1:xxxx:layer:AWSLambda-Python38-SciPy1x',
VersionNumber=29,
StatementId='xaccount',
Action='lambda:GetLayerVersion',
Principal='*',
)
print(response)

setp1(设置aws凭据

步骤2(创建了新的IAM管理员用户，并将策略分配给该用户AdministratorAccess、AWSLambda_FullAccess和AWSLambda执行

步骤3(在运行python脚本后，我得到错误

botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the AddLayerVersionPermission operation: User: arn:aws:iam::xxxx:root is not authorized to perform: lambda:AddLayerVersionPermission on resource: arn:aws:lambda:us-east-1:xxxx:layer:AWSLambda-Python38-SciPy1x:29

您试图修改的层：

arn:aws:lambda:us-east-1:xxxx:layer:AWSLambda-Python38-SciPy1

是AWS管理的公共层。它不属于您，因此您无法修改其权限，这解释了为什么拒绝您这样做。

相关内容

最新更新

热门标签：