“GetObject 时发生错误。S3 错误代码:PermanentRedirect。S3 错误消息:存储桶位于此区域:us-east-1
Posted
技术标签:
【中文标题】“GetObject 时发生错误。S3 错误代码:PermanentRedirect。S3 错误消息:存储桶位于此区域:us-east-1【英文标题】:"Error occurred while GetObject. S3 Error Code: PermanentRedirect. S3 Error Message: The bucket is in this region: us-east-1 【发布时间】:2022-01-05 17:19:28 【问题描述】:我尝试关注这个研讨会https://gitflow-codetools.workshop.aws/en/,一切都很好,但是当我尝试使用 cloudformation 创建 lambda 时出现错误:
Resource handler returned message: "Error occurred while GetObject. S3 Error Code:
PermanentRedirect. S3 Error Message: The bucket is in this region:
us-east-1. Please use this region to retry the request (Service: Lambda,
Status Code: 400, Request ID: xxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxx,
Extended Request ID: null)" (RequestToken: xxxxxx-xxxxx-xxxx-xxxx-xxxxxxxxxx, HandlerErrorCode: InvalidRequest)
我在本次研讨会中使用 eu-west-1,但我不明白为什么 cloudformation 在 us-east-1 中创建存储桶。
当我在 us-east-1 中部署 cloudformation 时,我没有收到此错误。
知道如何避免这个错误吗?
模板如下所示:
AWSTemplateFormatVersion: '2010-09-09'
Resources:
LambdaRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action: 'sts:AssumeRole'
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/IAMFullAccess
- arn:aws:iam::aws:policy/AWSLambda_FullAccess
- arn:aws:iam::aws:policy/AWSCodeCommitReadOnly
- arn:aws:iam::aws:policy/AWSCodePipelineFullAccess
- arn:aws:iam::aws:policy/CloudWatchEventsFullAccess
- arn:aws:iam::aws:policy/AWSCloudFormationFullAccess
PipelineCreateLambdaFunction:
Type: 'AWS::Lambda::Function'
Properties:
FunctionName: 'gitflow-workshop-create-pipeline'
Description: 'Lambda Function to create pipelines on branch creation'
Code:
S3Bucket: 'aws-workshop-gitflow'
S3Key: 'pipeline-create.zip'
Handler: 'pipeline-create.lambda_handler'
Runtime: 'python3.7'
Role:
Fn::GetAtt:
- LambdaRole
- Arn
PipelineCreateLambdaPermission:
Type: 'AWS::Lambda::Permission'
DependsOn: PipelineCreateLambdaFunction
Properties:
Action: 'lambda:InvokeFunction'
Principal: "codecommit.amazonaws.com"
FunctionName: 'gitflow-workshop-create-pipeline'
PipelineDeleteLambdaFunction:
Type: 'AWS::Lambda::Function'
Properties:
FunctionName: 'gitflow-workshop-delete-pipeline'
Description: 'Lambda Function to delete pipelines on branch deletion'
Code:
S3Bucket: 'aws-workshop-gitflow'
S3Key: 'pipeline-delete.zip'
Handler: 'pipeline-delete.lambda_handler'
Runtime: 'python3.7'
Role:
Fn::GetAtt:
- LambdaRole
- Arn
PipelineDeleteLambdaPermission:
Type: 'AWS::Lambda::Permission'
DependsOn: PipelineDeleteLambdaFunction
Properties:
Action: 'lambda:InvokeFunction'
Principal: "codecommit.amazonaws.com"
FunctionName: 'gitflow-workshop-delete-pipeline'
【问题讨论】:
【参考方案1】:首先,Lambda 和 S3 需要在同一个区域。
其次,看起来您不是存储桶所有者(您还没有通过查看模板自己创建存储桶)。
这意味着,您用于从中检索 Lambda 源代码的存储桶是(我想来自研讨会),他们决定在 us-east-1 区域创建该存储桶。强制您在区域 us-east-1 中部署您的堆栈(如果您想关注研讨会)。
但如果您真的想将此堆栈部署到 eu-west-1 怎么办?
这意味着您需要在区域 eu-west-1 中创建一个存储桶,并将车间存储桶中的对象复制到您新创建的存储桶中,并更新您的 CloudFormation 模板以指向和检索新创建的 Lambda 源代码存储桶(请注意,您可能需要以不同的方式命名存储桶,因为存储桶名称是全局共享的)。
我希望这有点清楚。
【讨论】:
没错,我同意你的观点,研讨会应该创建一个带有自定义存储桶名称的模板,您可以在其中使用例如存储桶名称区域帐户ID,这样我们可以避免这个问题。感谢您的明确答复。 祝你好运,在研讨会上玩得开心! @Doesn'tMatter以上是关于“GetObject 时发生错误。S3 错误代码:PermanentRedirect。S3 错误消息:存储桶位于此区域:us-east-1的主要内容,如果未能解决你的问题,请参考以下文章