Использование лямбда-функции AWS для вызова бота lex chat
Я пытаюсь использовать boto3 из лямбда-функции AWS, чтобы сделать post_text боту чата Lex.
Код Python:
client = boto3.client('lex-runtime')
data = "string input"
response = client.post_text(
botName='xxx',
botAlias='yyy',
userId='id',
inputText= data)
но я получаю:
An error occurred (AccessDeniedException) when calling the PostText
operation: User: arn:aws:sts::111111111:assumed-
role/functionName/functionName is not authorized to perform: lex:PostText on
resource: arn:aws:lex:us-east-1:111111111:bot:xxx:yyyy"
Итак, я настроил правила IAM и политику:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lex:PostText"
],
"Resource": [
"arn:aws:lex:us-east-1:111111111:bot:xxx:yyyy"
]
}
]
}
Доверительные отношения:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
Но это все еще не работает, и я получаю ту же ошибку.
0 ответов
I experienced the same issue recently.
It is most certainly related to the permissions assigned to the IAM role that you're using when running the Lambda function.
The easiest way to resolve this is below:-
- Open the Lambda function on the AWS Console.
- Scroll down to the "Execution role" section.
- Click the link under the role to view the role in a new window. It should look something like this: "View the role".
- In the new window under the permissions tab click on "Attach policies".
- This takes you to a new screen. On this screen filter the listed policies by typing in "lex" in the input field.
- The filtered list will contain a policy call "AmazonLexRunBotsOnly".
- Attach this policy to your role.
- Save the changes and make your way back to your lambda function.
- Save the lambda function and retest.
This will resolve your issue.