IAM 角色 ARN Rekognition 创建流处理器
IAM Role ARN Rekognition create stream Processor
我正在尝试使用来自流式 Kinesis 的 AWS 人脸识别,但卡在创建流处理器步骤并出现错误:
err AccessDeniedException: status code: 400, request id: d871329b-4553-11e9-9d9b-bf3e1c3a90d6
我的配置是:
IAM 政策
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"kinesisanalytics:*",
"kinesisvideo:*",
"kinesis:*",
"rekognition:*"
],
"Resource": "*"
}
]
}
该角色有 2 个附加策略,AmazonRekognitionServiceRole 和以上自定义策略。
Role's Trust relationships:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "rekognition.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {}
}
]
}
测试代码(Golang):
func createStreamProcessor() {
sess, err := session.NewSession(&aws.Config{
Region: aws.String("ap-southeast-2"),
//Credentials: credentials.NewSharedCredentials("", "default"),
})
fmt.Println(err)
reko := rekognition.New(sess)
result, err := reko.ListCollections(&rekognition.ListCollectionsInput{
MaxResults: aws.Int64(100),
})
fmt.Println(result)
fmt.Println(err)
input := rekognition.CreateStreamProcessorInput{
Name: aws.String("RdsStreamProcessor"),
Input: &rekognition.StreamProcessorInput{
KinesisVideoStream: &rekognition.KinesisVideoStream{
Arn: aws.String("arn:aws:kinesisvideo:ap-southeast-2:nnnnnnnnn:stream/redisys-stream/1552295399763"),
},
},
Output: &rekognition.StreamProcessorOutput{
KinesisDataStream: &rekognition.KinesisDataStream{
Arn: aws.String("arn:aws:kinesis:ap-southeast-2:nnnnnnnnn:stream/rds-face-recognition-stream"),
},
},
RoleArn: aws.String("arn:aws:iam::nnnnnnnnn:role/rds_recognition_role"),
Settings: &rekognition.StreamProcessorSettings{
FaceSearch: &rekognition.FaceSearchSettings{
CollectionId: aws.String("rds_customers"),
FaceMatchThreshold: aws.Float64(90),
},
},
}
fmt.Println(input)
outPut, err := reko.CreateStreamProcessor(&input)
if err != nil {
fmt.Println(err.Error())
}
fmt.Println(outPut)
}
截至 2019 年 3 月 27 日,Rekognition 直播仅在 4 个区域可用:us-east-1、us-west-2、eu-west-1 和 ap-northeast-1
我正在尝试使用来自流式 Kinesis 的 AWS 人脸识别,但卡在创建流处理器步骤并出现错误:
err AccessDeniedException: status code: 400, request id: d871329b-4553-11e9-9d9b-bf3e1c3a90d6
我的配置是:
IAM 政策
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"kinesisanalytics:*",
"kinesisvideo:*",
"kinesis:*",
"rekognition:*"
],
"Resource": "*"
}
]
}
该角色有 2 个附加策略,AmazonRekognitionServiceRole 和以上自定义策略。
Role's Trust relationships:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "rekognition.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {}
}
]
}
测试代码(Golang):
func createStreamProcessor() {
sess, err := session.NewSession(&aws.Config{
Region: aws.String("ap-southeast-2"),
//Credentials: credentials.NewSharedCredentials("", "default"),
})
fmt.Println(err)
reko := rekognition.New(sess)
result, err := reko.ListCollections(&rekognition.ListCollectionsInput{
MaxResults: aws.Int64(100),
})
fmt.Println(result)
fmt.Println(err)
input := rekognition.CreateStreamProcessorInput{
Name: aws.String("RdsStreamProcessor"),
Input: &rekognition.StreamProcessorInput{
KinesisVideoStream: &rekognition.KinesisVideoStream{
Arn: aws.String("arn:aws:kinesisvideo:ap-southeast-2:nnnnnnnnn:stream/redisys-stream/1552295399763"),
},
},
Output: &rekognition.StreamProcessorOutput{
KinesisDataStream: &rekognition.KinesisDataStream{
Arn: aws.String("arn:aws:kinesis:ap-southeast-2:nnnnnnnnn:stream/rds-face-recognition-stream"),
},
},
RoleArn: aws.String("arn:aws:iam::nnnnnnnnn:role/rds_recognition_role"),
Settings: &rekognition.StreamProcessorSettings{
FaceSearch: &rekognition.FaceSearchSettings{
CollectionId: aws.String("rds_customers"),
FaceMatchThreshold: aws.Float64(90),
},
},
}
fmt.Println(input)
outPut, err := reko.CreateStreamProcessor(&input)
if err != nil {
fmt.Println(err.Error())
}
fmt.Println(outPut)
}
截至 2019 年 3 月 27 日,Rekognition 直播仅在 4 个区域可用:us-east-1、us-west-2、eu-west-1 和 ap-northeast-1