service_role简介

比如用户执行部署函数的时候,如 s deploy 出现了如下错误:

Message:  POST /services failed with 403. requestid: 133be885-1682-4590-9fcf-6dbb3111cb1d, message: No permission to assume the role 'acs:ram::123456789:role/xx-test' for you

原因是您配置的 service role 的授信体不是 FC 这个服务, 比如 acs:ram::123456789:role/xx-test

{
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "RAM": ["acs:ram::987654321:root"]
      }
    }
  ],
  "Version": "1"
}

授信的是 987654321 这个云账号, 真正需要授信的是 fc

{
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "Service": ["fc.aliyuncs.com"]
      }
    }
  ],
  "Version": "1"
}

在 GitHub 上编辑本页面 更新时间: Fri, Nov 25, 2022