我正在尝试通过以下方式为所有lambda函数启用aws-xray:
无服务器
provider:
tracing:
lambda: true
apiGateway: true
name: aws
runtime: nodejs8.10
stage: ${opt:stage, 'dev'}
region: ${opt:region, 'ca-central-1'}
服务
import * as AWS from 'aws-sdk'
import * as AWSXRay from 'aws-xray-sdk'
const XAWS = AWSXRay.captureAWS(AWS)
const docClient: DocumentClient = new XAWS.DynamoDB.DocumentClient()
const s3 = new XAWS.S3({signatureVersion: 'v4'})
在
sls deploy之后,出现以下错误:An error occurred: <some_lambda funcion> - The provided execution role does not have permissions to call PutTraceSegments on XRAY (Service: AWSLambdaInternal; Status Code: 400; Error Code: InvalidParameterValueException; Request ID: 364243f8-8847-48ef-87ad-75da2537e7f7).
我不确定是什么问题。我也尝试过部署:
iamRoleStatements:
- Effect: Allow
Action:
- "xray:PutTraceSegments"
- "xray:PutTelemetryRecords"
Resource:
- "*"
仍然是同样的问题。
我将不胜感激,因为我不知道这是一个问题的原因,我将不胜感激,尤其是因为我有另一个具有跟踪功能的项目,因此完全没有问题!
package.json:
{
"name": "mini-twitter",
"version": "1.0.0",
"description": "Serverless Mini-Twitter app",
"dependencies": {
"aws-xray-sdk": "^2.2.0",
"source-map-support": "^0.5.11",
},
"devDependencies": {
"@types/aws-lambda": "^8.10.17",
"@types/node": "^10.14.4",
"aws-sdk": "^2.433.0",
"serverless-iam-roles-per-function": "^1.0.4",
"serverless-webpack": "^5.2.0",
"ts-loader": "^5.3.3",
"typescript": "^3.4.1",
}
}
最佳答案
似乎sls deploy命令没有将X-Ray权限添加到IAM角色。您是否尝试过手动添加?
转到AWS控制台,导航到IAM,找到与部署相对应的角色,然后将AWSXrayWriteOnlyAccess策略附加到该角色,然后查看它是否有效。