本文介绍了无法在SAM模板中添加策略的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在研究SAM模板,以将我的应用程序发布到AWS Serverless存储库中.但是,当我尝试为lambda添加策略时,会显示错误消息:无效的无服务器应用程序规范文档.发现的错误数量:1.错误:ID为[SyncPostDataFromSfLambda]的资源无效. 政策"属性中仅支持政策模板.

I am working on SAM template for publishing my Application in AWS Serverless repository.But when I try to add policies for my lambda it shows me error:Invalid Serverless Application Specification document. Number of errors found: 1. Errors: Resource with id [SyncPostDataFromSfLambda] is invalid. Only policy templates are supported in 'Policies' property.

下面是我的SAM模板的示例:

Below is the example for my SAM template:

{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Transform": "AWS::Serverless-2016-10-31",
    "Description": "Deployment",
    "Resources": {
        "SyncPostDataToSfLambda": {
            "Type": "AWS::Serverless::Function",
            "Properties": {
                "Handler": "index.handler",
                "FunctionName": "myLambdaFunction",
                "CodeUri": "s3 URL",
                "Runtime": "nodejs6.10",
                "MemorySize": 512,
                "Policies": [
                    "AmazonDynamoDBFullAccess"
                ],
                "Events": {
                    "PostResource": {
                        "Type": "Api",
                        "Properties": {
                            "RestApiId": {
                                "Ref": "API"
                            },
                            "Path": "/apipath",
                            "Method": "post"
                        }
                    }
                }
            }
        }
    }
}

推荐答案

截至今天(2018-10-09),SAM模板已经支持内联策略文档.

As of today (2018-10-09), SAM template already supports inline policy document.

这里是一个例子:-

Resources:
  SomeFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: index.handler
      Runtime: nodejs8.10
      Policies:
      - Statement:
        - Sid: SSMDescribeParametersPolicy
          Effect: Allow
          Action:
          - ssm:DescribeParameters
          Resource: '*'
        - Sid: SSMGetParameterPolicy
          Effect: Allow
          Action:
          - ssm:GetParameters
          - ssm:GetParameter
          Resource: '*'

参考:

  1. AWS :: Serverless :: AWS SAM规范上的:: Function的 Policies 属性
  2. GitHub上的相关问题
  1. AWS::Serverless::Function's Policies property on AWS SAM Specification
  2. Related issue on GitHub

这篇关于无法在SAM模板中添加策略的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-11 06:58