如何解决如何访问我的lambda中通过cloudformation创建的存储桶?
我正在通过cloudformation模板创建lambda和S3。对于bucket,我传入了bucketName的参数。我想在我的python代码中访问此存储区以获取lambda函数。我该怎么办?
cloudformation模板
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Sample SAM Template
Globals:
Function:
Timeout: 3
Parameters:
bucketName:
Default: somename
Resources:
S3Bucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: PublicRead
BucketName: !Sub '${bucketName}-${AWS::AccountID}'
HelloWorldFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: hello_world/
Handler: app.lambda_handler
Runtime: python3.8
Environment:
Variables:
s3bucketName: !GetAtt S3Bucket
lambda_handler函数
import boto3
import os
from requests_aws4auth import AWS4Auth
session = boto3.Session()
credentials = session.get_credentials()
aws4auth = AWS4Auth(credentials.access_key,credentials.secret_key,region,service,session_token=credentials.token)
s3 = boto3.resource('s3')
//get access to the S3 bucket created??
解决方法
s3 = boto3.resource('s3')
obj = s3.Object(bucket,key)
objAsString = obj.get()['Body'].read().decode('utf-8')
您还缺少从lambda访问s3存储桶的策略。
HelloWorldFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: hello_world/
Handler: app.lambda_handler
Runtime: python3.8
Environment:
Variables:
S3_BUCKET_NAME: !Ref S3Bucket
Policies:
- Statement:
- Effect:
Action:
- 's3:GetObject'
- 's3:ListBucket'
- 's3:ListBucketMultipartUploads'
- 's3:PutObject'
Resource:
- !Sub 'arn:aws:s3:::${S3Bucket}'
我将在单独的cloudformation s3.yaml中移动存储桶的创建,并执行一次。
....
Resources:
S3Bucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: PublicRead
BucketName: !Sub '${bucketName}-${AWS::AccountID}'
Outputs:
BucketName:
Value: !Ref S3Bucket
Description: 'Bucket name'
Export:
Name: s3-bucket-name
此后,我可以使用lambda以其他cloudformation形式导入此s3-bucket-name。
Variables:
S3_BUCKET_NAME: !ImportValue s3-bucket-name
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。