Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Unable to invoke AWS Lambda function: Authorization error

0

I am using storing the document first in my bucket and then calling the lambda function that I created to get the response of the document, I am able to send the document in S3 but getting the below error that's why I am not getting the response of the document in code of react.js.

Error:- "AccessDeniedException: User: arn:aws:iam::076465650773:user/username is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:ap-south-1:076465650773:function:testing-lamda-function because no permissions boundary allows the lambda:InvokeFunction action"

I have already created the role, user & inline policy as below:- ![lambda_role] (/media/postImages/original/IMitfRFbfYS5qWO8lJn9BMGw)

![aws_user] (/media/postImages/original/IMtt5hcq8sQwCZdZfCAPnUzA)

![testing-lambda-policy] (/media/postImages/original/IMiNOBaFjKQRyHlTUf9EDcrw)

My code:-

export const DetectText = () => {
  const [file, setFile] = useState({});
  const bucketName = process.env.REACT_APP_SECRET_BUCKET_NAME;

  const onSelectFile = (e) => {
    if (!e.target.files || e.target.files.length === 0) return;
    const reader = new FileReader();
    const file = e.target.files[0];
    setFile(file);
    reader.readAsDataURL(file);
  }

  const s3 = new AWS.S3({
    accessKeyId: process.env.REACT_APP_ACCESS_KEY_id,
    secretAccessKey: process.env.REACT_APP_SECRET_ACCESS_KEY,
    region: 'ap-south-1'
  });

  const detectText = async () => {
    const params = {Bucket: bucketName, Key: file.name, Body: file};
    s3.putObject(params, (err, data) => {
      if (err) console.log(err);
      else console.log(data);
    });

    const lambda = new AWS.Lambda({
      accessKeyId: process.env.REACT_APP_ACCESS_KEY_id,
      secretAccessKey: process.env.REACT_APP_SECRET_ACCESS_KEY,
      region: 'ap-south-1'
    });

    const params2 = {
      FunctionName: 'testing-lamda-function',
      Payload: JSON.stringify({
        Records: [{
           s3:{bucket: { name: bucketName }, object: { key: file.name }}
          }]
      })
    };

    lambda.invoke(params2, (err, data) => {
      if (err)console.log(err);
      else console.log(data);
    });
  };

  return (
    <div>
      <input type='file' id='file' name='file' onChange={onSelectFile} className='inputfile' />
      <button onClick={detectText} style={{ margin: "10px" }}>Run OCR</button>
    </div>
  )
}

Please let me know what I am doing wrong. Any help or suggestion will be truly appreciated.

Themen
ServerlosSpeicherKalkulation
Tags
ServerlosAmazon Simple Storage ServiceAWS Lambda
Sprache
English
Ritik
gefragt vor einem Jahr1179 Aufrufe
1 Antwort
1
Akzeptierte Antwort

From the error message, it appears that the IAM user "User: arn:aws:iam::076465650773:user/username" does not have "lambda:InvokeFunction" permission.
Try setting "lambda:InvokeFunction" to the appropriate IAM user.
Also, please check the following document, as it says "because no permissions boundary".
https://repost.aws/knowledge-center/iam-access-denied-permissions-boundary

profile picture
EXPERTE
Riku_Kobayashi
beantwortet vor einem Jahr
  • Ritik
    vor einem Jahr

    Thanks now it's working after adding this InvokeFunction

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt