我正在使用命令行通过 aws 运行一些情绪分析,并且遇到了一些 IAM 问题。在运行“detect_dominant_language”函数时,尽管有允许所有理解函数的策略,但我还是遇到了 NotAuthorizedExceptions。该帐户的政策是:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"comprehend:*",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:GetBucketLocation",
"iam:ListRoles",
"iam:GetRole"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
关于我可能在哪里出错的任何想法?我已经三重检查了我的访问密钥,以确保我指的是正确的帐户。当我检查政策时,它就在那里,所以我对断开连接有点不知所措。S3 似乎也运行良好。
已经采取的步骤:
- 重置访问密钥/秘密访问密钥。
- 创建明确引用所需功能的 iam 策略并将其附加到“管理员”用户。
- 从 CLI 调用此方法(得到相同的错误)。
下面,我提供了可能有用的其他信息......
检查 iam 政策的代码:
iam = boto3.client('iam',
aws_access_key_id = '*********************',
aws_secret_access_key = '*************************************')
iam.list_attached_user_policies(UserName="Admin")
输出:
{'AttachedPolicies': [{'PolicyName': 'ComprehendFullAccess',
'PolicyArn': 'arn:aws:iam::aws:policy/ComprehendFullAccess'},
{'PolicyName': 'AdministratorAccess',
'PolicyArn': 'arn:aws:iam::aws:policy/AdministratorAccess'},
{'PolicyName': 'Comprehend-Limitied',
'PolicyArn': 'arn:aws:iam::401311205158:policy/Comprehend-Limitied'}],
'IsTruncated': False,
'ResponseMetadata': {'RequestId': '9094d8ff-1730-44b8-af0f-9222a63b32e9',
'HTTPStatusCode': 200,
'HTTPHeaders': {'x-amzn-requestid': '9094d8ff-1730-44b8-af0f-9222a63b32e9',
'content-type': 'text/xml',
'content-length': '871',
'date': 'Thu, 20 Jan 2022 21:48:11 GMT'},
'RetryAttempts': 0}}
触发错误的代码:
comprehend = boto3.client('comprehend',
aws_access_key_id = '*********************',
aws_secret_access_key = '********************************')
test_language_string = "This is a test string. I'm hoping that AWS Comprehend can interprete this as english..."
comprehend.detect_dominant_language(Text=test_language_string)
输出:
ClientError: An error occurred (NotAuthorizedException) when calling the DetectDominantLanguage operation: Your account is not authorized to make this call.