Asked by: 小点点

AWS Lambda tutorial fails with botocore.exceptions.ClientError: Forbidden


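I am working through the AWS Lambda tutorial; the current URL is: https://docs.aws.amazon.com/lambda/latest/dg/with-S3-example.html

  • Created the role "christopher-lambda-test"
  • Created the bucket "christopher-test-source"
    • Uploaded "happyface.jpg" to the source bucket
    • Not sure how to use this particular zip program to take the files from a directory and put them in the root of the zip

    I did the next part in the AWS console, because I am not sure what the parameters on the command line in this tutorial are supposed to look like.

    • Created the Lambda function
    • Code entry type - upload a zip
    • Runtime - Python 3.6
    • Handler - create_thumbnail.handler
    • Timeout - 30 seconds
    • Execution role - use existing - christopher-lambda-test
    • Created the test event according to the tutorial

    The role shows:

    Permissions tab:

    • AWSLambdaExecute policy
    • No permissions boundary set

    Trust relationships:

    • Identity provider lambda.amazonaws.com
    • No conditions

    Tags: empty

    Access Advisor:

    • CloudWatch Logs, AWSLambdaExecute
    • Amazon S3, AWSLambdaExecute

    The test event looks like this: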

    {
      "Records": [
        {
          "eventVersion": "2.0",
          "eventSource": "aws:s3",
          "awsRegion": "us-west-2",
          "eventTime": "1970-01-01T00:00:00.000Z",
          "eventName": "ObjectCreated:Put",
          "userIdentity": {
            "principalId": "AIDAJDPLRKLG7UEXAMPLE"
          },
          "requestParameters": {
            "sourceIPAddress": "127.0.0.1"
          },
          "responseElements": {
            "x-amz-request-id": "C3D13FE58DE4C810",
            "x-amz-id-2": "FMyUVURIY8/IgAtTv8xRjskZQpcIZ9KG4V5Wp6S7S/JRWeUWerMUE5JgHvANOjpD"
          },
          "s3": {
            "s3SchemaVersion": "1.0",
            "configurationId": "testConfigRule",
            "bucket": {
              "name": "christopher-test-source",
              "ownerIdentity": {
                "principalId": "A3NL1KOZZKExample"
              },
              "arn": "arn:aws:s3:::christopher-test-source"
            },
            "object": {
              "key": "HappyFace.jpg",
              "size": 1024,
              "eTag": "d41d8cd98f00b204e9800998ecf8427e",
              "versionId": "096fKKXTRTtl3on89fVO.nfljtsv6qko"
            }
          }
        }
      ]
    }
    

    The role has the AWSLambdaExecute policy, and if I click the JSON tab it shows the following:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "logs:*"
                ],
                "Resource": "arn:aws:logs:*:*:*"
            },
            {
                "Effect": "Allow",
                "Action": [
                    "s3:GetObject",
                    "s3:PutObject"
                ],
                "Resource": "arn:aws:s3:::*"
            }
        ]
    }
    

    When I try to run it via the Test button in the console, I get the following error:

    START RequestId: 11528d5a-e9f3-4b53-aef8-9b5a5934cd63 Version: $LATEST
    An error occurred (403) when calling the HeadObject operation: Forbidden: ClientError
    Traceback (most recent call last):
      File "/var/task/create_thumbnail.py", line 22, in handler
        s3_client.download_file(bucket, key, download_path)
      File "/var/task/boto3/s3/inject.py", line 172, in download_file
        extra_args=ExtraArgs, callback=Callback)
      File "/var/task/boto3/s3/transfer.py", line 307, in download_file
        future.result()
      File "/var/task/s3transfer/futures.py", line 106, in result
        return self._coordinator.result()
      File "/var/task/s3transfer/futures.py", line 265, in result
        raise self._exception
      File "/var/task/s3transfer/tasks.py", line 255, in _main
        self._submit(transfer_future=transfer_future, **kwargs)
      File "/var/task/s3transfer/download.py", line 345, in _submit
        **transfer_future.meta.call_args.extra_args
      File "/var/task/botocore/client.py", line 357, in _api_call
        return self._make_api_call(operation_name, kwargs)
      File "/var/task/botocore/client.py", line 661, in _make_api_call
        raise error_class(parsed_response, operation_name)
    botocore.exceptions.ClientError: An error occurred (403) when calling the HeadObject operation: Forbidden
    
    END RequestId: 11528d5a-e9f3-4b53-aef8-9b5a5934cd63
    REPORT RequestId: 11528d5a-e9f3-4b53-aef8-9b5a5934cd63  Duration: 467.98 ms Billed Duration: 500 ms Memory Size: 128 MB Max Memory Used: 79 MB  Init Duration: 335.18 ms    
    XRAY TraceId: 1-5d801e11-ab1b32529b00e590684dfe16   SegmentId: 316a1aa70e80ba67 Sampled: false  
    

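    I'm pretty sure boto needs me to set my AWS credentials, doesn't it? I don't know how to do that in AWS Lambda. Or is this a different error?


1 answer

Anonymous user

You are using a role to execute the Lambda, which is the correct way. When AWS services communicate with each other, using a service role is the correct way, and you do not need to use any credentials.

You have not shared the role definition, but it appears that the role christopher-lambda-test does not have the required permissions.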