为 PostText API 授权用户调用 Lex 机器人运行时
Authorizing User for PostText API call for a Lex bot runtime
我正在尝试制作一个 AWS Lex 机器人,它将通过 lambda return 一个意图。我在客户端有语音识别,我想将语音转录成文本,然后通过无服务器将其发送到端点并接收该意图。所有这些都有效,但是在集成无服务器和 aws-sdk 时,我遇到了麻烦。
我得到的错误是
ERROR AccessDeniedException: User: arn:aws:sts::387496244796:assumed-role/voice-dev-us-east-1-lambdaRole/voice-dev-sendTranscript is not authorized to perform: lex:PostText on resource: arn:aws:lex:us-east-1:387496244796:bot:VoiceRecognitionBot:dev
at Object.extractError (/var/task/node_modules/aws-sdk/lib/protocol/json.js:52:27)
at Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/rest_json.js:55:8)
at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:688:14)
at Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /var/task/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:690:12) {
code: 'AccessDeniedException',
time: 2021-06-03T22:39:31.171Z,
requestId: 'db61b680-dc93-40f1-8ac8-485aa857b5a6',
statusCode: 403,
retryable: false,
retryDelay: 22.72147780759437
}
我查看了 ,但就发送 userId 而言,我似乎并没有做任何不同的事情。我没有使用 Facebook Messenger 或任何此类服务。这是我们自己的应用程序中的 userId。
这是我的经纪人:
"use strict";
const AWS = require("aws-sdk");
module.exports.sendTranscript = async (event, context, callback) => {
const lexService = new AWS.LexRuntime();
const params = {
botAlias: "dev",
botName: "VoiceRecognitionBot",
inputText: event.transcript,
userId: event.userId,
};
const results = await lexService
.postText(params, (error, data) => {
if (error) console.error(error);
else console.log("DATA RESPONSE => ", data);
})
.promise();
callback(null, results);
};
正在捕获错误,基本上就是上面的日志。
这是我的示例输入:
{"transcript": "chat with team", "userId": "920bfg83-95af-423c-a058-8f58b23487r6"}
难道是我的serverless.yml?除了重命名功能,我没碰过它。没有 IAM 角色。
这个错误是因为 lambda 没有正确的角色来执行 lex post 文本。参考 https://docs.aws.amazon.com/lex/latest/dg/security_iam_id-based-policy-examples.html
将 lex 读取角色分配给 lambda 并重试它应该工作。
我正在尝试制作一个 AWS Lex 机器人,它将通过 lambda return 一个意图。我在客户端有语音识别,我想将语音转录成文本,然后通过无服务器将其发送到端点并接收该意图。所有这些都有效,但是在集成无服务器和 aws-sdk 时,我遇到了麻烦。
我得到的错误是
ERROR AccessDeniedException: User: arn:aws:sts::387496244796:assumed-role/voice-dev-us-east-1-lambdaRole/voice-dev-sendTranscript is not authorized to perform: lex:PostText on resource: arn:aws:lex:us-east-1:387496244796:bot:VoiceRecognitionBot:dev
at Object.extractError (/var/task/node_modules/aws-sdk/lib/protocol/json.js:52:27)
at Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/rest_json.js:55:8)
at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:688:14)
at Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /var/task/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:690:12) {
code: 'AccessDeniedException',
time: 2021-06-03T22:39:31.171Z,
requestId: 'db61b680-dc93-40f1-8ac8-485aa857b5a6',
statusCode: 403,
retryable: false,
retryDelay: 22.72147780759437
}
我查看了 userId 而言,我似乎并没有做任何不同的事情。我没有使用 Facebook Messenger 或任何此类服务。这是我们自己的应用程序中的 userId。
这是我的经纪人:
"use strict";
const AWS = require("aws-sdk");
module.exports.sendTranscript = async (event, context, callback) => {
const lexService = new AWS.LexRuntime();
const params = {
botAlias: "dev",
botName: "VoiceRecognitionBot",
inputText: event.transcript,
userId: event.userId,
};
const results = await lexService
.postText(params, (error, data) => {
if (error) console.error(error);
else console.log("DATA RESPONSE => ", data);
})
.promise();
callback(null, results);
};
正在捕获错误,基本上就是上面的日志。
这是我的示例输入:
{"transcript": "chat with team", "userId": "920bfg83-95af-423c-a058-8f58b23487r6"}
难道是我的serverless.yml?除了重命名功能,我没碰过它。没有 IAM 角色。
这个错误是因为 lambda 没有正确的角色来执行 lex post 文本。参考 https://docs.aws.amazon.com/lex/latest/dg/security_iam_id-based-policy-examples.html
将 lex 读取角色分配给 lambda 并重试它应该工作。