问题描述
当我尝试运行查询表register
的lambda函数example_user
时,它将在下面抛出错误。我的代码仅尝试从表example_user
获取数据,而不创建任何表。
{"errorType":"Runtime.UnhandledPromiseRejection","errorMessage":"AccessDeniedException: User: arn:aws:sts::577777777777:assumed-role/example-user-api-dev-ap-southeast-1-lambdaRole/example-user-api-dev-register is not authorized to perform: dynamodb:CreateTable on resource: arn:aws:dynamodb:ap-southeast-1:577777777777:table/example_user","reason":{"errorType":"AccessDeniedException","errorMessage":"User: arn:aws:sts::577777777777:assumed-role/example-user-api-dev-ap-southeast-1-lambdaRole/example-user-api-dev-register is not authorized to perform: dynamodb:CreateTable on resource: arn:aws:dynamodb:ap-southeast-1:577777777777:table/example_user"
在13 UserController with email
这是我的代码:
User.js
const schema = new dynamoose.Schema({
"email": String,"uid": String,"name": String,"gender": {
"type": Number,"default": 0
},"profileImageType": {
"type": Number,"profileImage": String,"accountType": Number,},{
"saveUnkNown": true,"timestamps": true
});
module.exports = dynamoose.model('example_user',schema);
UserController.js
const User = require("./User.js");
exports.getProfile = async function(email,res){
console.log("13 UserController with email " + email)
var profile = await User.get(email)
console.log("15 profile")
console.log(profile)
if (profile){
return profile;
}else{
return false;
}
};
下面是我的serverless.yml
文件中的摘录
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:*"
Resource:
- "arn:aws:s3:::profiles.example.app/*"
- Effect: "Allow"
Action:
- dynamodb:Query
- dynamodb:Scan
- dynamodb:GetItem
- dynamodb:PutItem
- dynamodb:UpdateItem
- dynamodb:DeleteItem
Resource:
- "arn:aws:dynamodb:ap-southeast-1:577777777777:table/example_user"
解决方法
您应该能够dynamoose.model('example_user',schema,{"create": false})
来摆脱创建表https://dynamoosejs.com/guide/Model/的需求