如何解决如何在 AWS Keyspaces 中添加权限?
当我尝试从 AWS Lambda 查询 AWS Keyspaces(托管 Cassandra)时,我收到此错误:
{
"errorType": "AggregateException","errorMessage": "One or more errors occurred. (All hosts tried for query Failed (tried 11.11.111.11:9142: UnauthorizedException 'User arn:aws:iam::111111111111:user/user-for-keyspaces has no permissions.'; 11.11.111.11:9142: UnauthorizedException 'User arn:aws:iam::111111111111:user/user-for-keyspaces has no permissions.'))","stackTrace": [
"at lambda_method(Closure,Stream,LambdaContextInternal )"
],"cause": {
"errorType": "NoHostAvailableException",...
但在密钥空间的 AWS 控制台中,我没有看到任何地方可以添加权限。
user-for-keyspaces 的用户政策已附加此内容:
{
"Version": "2012-10-17","Statement": [
{
"Action": [
"cassandra:*"
],"Effect": "Allow","Resource": "*"
}
]
}
如何在 AWS Keyspaces 中添加权限?
解决方法
问题实际上与错误消息中的用户无关,而是我为 Keyspaces 创建的 VPC 端点。
端点需要 cassandra:* 权限才能执行查询,例如
{
"Statement": [
{
"Sid": "keyspaces-full-access","Principal": "*","Action": [
"cassandra:*","keyspaces:*"
],"Effect": "Allow","Resource": "*"
}
]
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
