jah*_*han 4 amazon-s3 amazon-web-services amazon-iam aws-elemental aws-media-convert
我正在努力解决 AWS IAM 角色策略问题,我正在遵循 Lambda 函数的教程,以便在上传新文件时从 s3 存储桶事件中读取数据并将其发送到 AWS MediaConvert 以转换视频文件。Lambda 函数能够在测试中从 s3 读取数据,但在 MediaConvert 上的作业失败。
我已经为角色设置了策略,并给出了内联策略,但我仍然无法让它工作。
AWS Elemental MediaConvert 屏幕截图
为 IAM ROLE 设置的政策
内联策略的 Json
lambda-s3-策略-inlinepolicy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ExampleStmt",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::aws-mybucket-01/*"
]
}
]
}
政策摘要 PolicySummaryImg
VodLambda角色
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*",
"Effect": "Allow",
"Sid": "Logging"
},
{
"Action": [
"iam:PassRole"
],
"Resource": [
"arn:aws:iam::myAccountID:role/my-lambda-role"
],
"Effect": "Allow",
"Sid": "PassRole"
},
{
"Action": [
"mediaconvert:*"
],
"Resource": [
"*"
],
"Effect": "Allow",
"Sid": "MediaConvertService"
},
{
"Effect": "Allow",
"Action": [
"sts:AssumeRole"
],
"Resource": "arn:aws:iam::myAccountID:role/my-lambda-role"
}
]
}
Joh*_*ein 10
确保分配给 MediaConvert 作业的 IAM 角色具有信任 MediaConvert 的信任策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "mediaconvert.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
当您在管理控制台中创建 IAM 角色并选择MediaConvert作为服务时,这通常会自动生成。
| 归档时间: |
|
| 查看次数: |
4097 次 |
| 最近记录: |