Why do I get a ForbiddenException when trying to publish an MQTT message from an AWS Lambda function?

Question  Votes: 0  Answers: 1

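How do I publish to an AWS IoT MQTT topic from a Node.js 16.x Lambda function?

I created a Lambda function that will be triggered by an AWS CloudWatch event to publish an MQTT message. To give the Lambda function permission to publish MQTT messages, I attached the AWSIoTDataAccess policy, which should grant full access to AWS IoT messaging operations.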

import AWS from "aws-sdk";
var iotdata = new AWS.IotData({
  endpoint: "xxxxxxxxxxxxxxxx.iot.amazonaws.com",
  region: "ca-central-1",
});

export async function handler(event, context) {
    /* do something */
    await requestHB(inactiveDevices);
}

async function requestHB(inactiveDevices) {
  if (inactiveDevices == null) return;
  const publishPromises = inactiveDevices.map(async (element) => {
    var params = {
      topic: "device/inactive",
      payload: JSON.stringify({ type: 0, imei: String(element.imei) }),
      qos: 0,
    };

    try {
      await iotdata.publish(params).promise();
      console.log("Message published successfully");
    } catch (error) {
      console.error("Error publishing message:", error);
    }
  });

  await Promise.all(publishPromises);
}

With the code above, I get the following error message.

2023-05-29T17:49:01.024Z    5208a53c-f0f8-409f-a64b-9e901be9aa80    ERROR   Error publishing message: ForbiddenException: null
    at Object.extractError (/var/task/node_modules/aws-sdk/lib/protocol/json.js:61:27)
    at Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/rest_json.js:61:8)
    at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /var/task/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:688:12) {
  code: 'ForbiddenException',
  time: 2023-05-29T17:49:01.023Z,
  requestId: '0779829a-7f5d-d298-f9da-08f1b6d83753',
  statusCode: 403,
  retryable: false,
  retryDelay: 24.36546771452397
}

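Status code 403 means that the client making the request does not have the permissions required to perform the operation. But I have already attached the full-access policy, so what am I missing?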

javascript node.js aws-lambda aws-iot
1 answer
0
votes

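I got this error when I accidentally tried to send a DynamoDB command to an AppSync client. Make sure you are sending the right command to the right client, and that your function has the correct permissions set up with IAM.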
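To make the IAM half of the answer above checkable offline, here is an added example (not code from the question, the answer, or AWS) that evaluates policy documents for iot:Publish on the question's topic using IAM's basic rules: explicit Deny wins, otherwise an Allow is required, otherwise the request is implicitly denied. The account ID, the three sample policies and the function names are constructed for illustration; Condition, NotAction, NotResource and policy variables are not evaluated.

```javascript
// Added example: simplified IAM identity-policy check (Effect, Action, Resource only).
// Condition, NotAction, NotResource and policy variables are not evaluated.
const asArray = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// IAM wildcards: '*' matches any run of characters, '?' exactly one character.
function wildcardMatch(pattern, value, caseInsensitive = false) {
  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&");
  const source = "^" + escaped.replace(/\*/g, ".*").replace(/\?/g, ".") + "$";
  return new RegExp(source, caseInsensitive ? "i" : "").test(value);
}

// Action names are compared case-insensitively, resource ARNs case-sensitively.
function statementMatches(stmt, action, resource) {
  return (
    asArray(stmt.Action).some((a) => wildcardMatch(a, action, true)) &&
    asArray(stmt.Resource).some((r) => wildcardMatch(r, resource))
  );
}

// Returns "explicitDeny", "allowed" or "implicitDeny" (the default when nothing matches).
function evaluate(policies, action, resource) {
  const matching = policies
    .flatMap((p) => asArray(p.Statement))
    .filter((s) => statementMatches(s, action, resource));
  if (matching.some((s) => s.Effect === "Deny")) return "explicitDeny";
  return matching.some((s) => s.Effect === "Allow") ? "allowed" : "implicitDeny";
}

// Constructed sample data: 123456789012 is a placeholder account ID.
const topicArn = "arn:aws:iot:ca-central-1:123456789012:topic/device/inactive";
const policy = (effect, action, resource) => ({
  Version: "2012-10-17",
  Statement: [{ Effect: effect, Action: action, Resource: resource }],
});

// Least privilege: publish to exactly the topic the Lambda uses.
const leastPrivilege = policy("Allow", "iot:Publish", topicArn);
// Looks close, but "devices/*" does not cover "device/inactive".
const wrongResource = policy(
  "Allow", "iot:Publish", "arn:aws:iot:ca-central-1:123456789012:topic/devices/*");
// A broad Deny attached elsewhere overrides any Allow.
const denyGuardrail = policy("Deny", "iot:*", "*");

console.log(evaluate([leastPrivilege], "iot:Publish", topicArn));
console.log(evaluate([wrongResource], "iot:Publish", topicArn));
console.log(evaluate([leastPrivilege, denyGuardrail], "iot:Publish", topicArn));
```

An "allowed" result here only covers the statements passed in; the policies actually attached to the function's execution role are what the service evaluates.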
