python-3.x - Unable to list events. resource = list(event['detail']['requestParameters']['evaluations'])[0]
Problem description
I get the following error when I try to list S3 events.
Response:
{
  "errorMessage": "'detail'",
  "errorType": "KeyError",
  "stackTrace": [
    [
      "/var/task/lambda_function.py",
      30,
      "lambda_handler",
      "resource = list(event['detail']['requestParameters']['evaluations'])[0]"
    ]
  ]
}

Request ID:
"6ee059f2-556c-4483-a45f-f90238ed727e"

Function Logs:
START RequestId: 6ee059f2-556c-4483-a45f-f90238ed727e Version: $LATEST
'detail': KeyError
Traceback (most recent call last):
  File "/var/task/lambda_function.py", line 30, in lambda_handler
    resource = list(event['detail']['requestParameters']['evaluations'])[0]
KeyError: 'detail'
END RequestId: 6ee059f2-556c-4483-a45f-f90238ed727e
REPORT RequestId: 6ee059f2-556c-4483-a45f-f90238ed727e Duration: 1491.42 ms Billed Duration: 1500 ms Memory Size: 128 MB Max Memory Used: 74 MB Init Duration: 165.73 ms
Code:

import boto3
from botocore.exceptions import ClientError
import json
import os

# Annotations that the AWS Config rules attach to a non-compliant bucket
ACL_RD_WARNING = "The S3 bucket ACL allows public read access."
PLCY_RD_WARNING = "The S3 bucket policy allows public read access."
ACL_WRT_WARNING = "The S3 bucket ACL allows public write access."
PLCY_WRT_WARNING = "The S3 bucket policy allows public write access."
RD_COMBO_WARNING = ACL_RD_WARNING + PLCY_RD_WARNING
WRT_COMBO_WARNING = ACL_WRT_WARNING + PLCY_WRT_WARNING

def policyNotifier(bucketName, s3client):
    try:
        bucketPolicy = s3client.get_bucket_policy(Bucket = bucketName)
        # notify that the bucket policy may need to be reviewed due to security concerns
        sns = boto3.client('sns')
        subject = "Potential compliance violation in " + bucketName + " bucket policy"
        message = "Potential bucket policy compliance violation. Please review: " + json.dumps(bucketPolicy['Policy'])
        # send SNS message with warning and bucket policy
        response = sns.publish(
            TopicArn = os.environ['TOPIC_ARN'],
            Subject = subject,
            Message = message
        )
    except ClientError as e:
        # error caught due to no bucket policy
        print("No bucket policy found; no alert sent.")

def lambda_handler(event, context):
    # instantiate Amazon S3 client
    s3 = boto3.client('s3')
    # this lookup raises KeyError: 'detail' when the event has no 'detail' key
    resource = list(event['detail']['requestParameters']['evaluations'])[0]
    bucketName = resource['complianceResourceId']
    complianceFailure = event['detail']['requestParameters']['evaluations'][0]['annotation']
    if(complianceFailure == ACL_RD_WARNING or complianceFailure == ACL_WRT_WARNING):
        # public ACL: reset the bucket ACL to private
        s3.put_bucket_acl(Bucket = bucketName, ACL = 'private')
    elif(complianceFailure == PLCY_RD_WARNING or complianceFailure == PLCY_WRT_WARNING):
        # public policy: notify only, the policy is left unchanged
        policyNotifier(bucketName, s3)
    elif(complianceFailure == RD_COMBO_WARNING or complianceFailure == WRT_COMBO_WARNING):
        s3.put_bucket_acl(Bucket = bucketName, ACL = 'private')
        policyNotifier(bucketName, s3)
    return 0 # done

Code copied from https://aws.amazon.com/blogs/security/how-to-use-aws-config-to-monitor-for-and-respond-to-amazon-s3-buckets-allowing-public-access/
When I test the Lambda function, I get the above error.
I am new to Python. Please help me resolve the issue.
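Solution
In your code, you assume that the following path always exists in event: event['detail']['requestParameters']['evaluations']. The error tells you that event does not actually contain the detail key.
What you should do is:
- Make sure that your test event corresponds to the real events you want the Lambda to trigger on.
- If it does, print event first to see its structure:

    import json
    ...
    print(json.dumps(event, indent=2))

  It is entirely possible that the event format has changed since the post was written in 2018.
- In any case, it is good to enclose the statement in a try ... except block to catch the KeyError and exit gracefully.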
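
One way to apply the advice above, as an added example that is not part of the original answer or of the AWS blog code: check the event shape before any S3 call is made, log what arrived, and return without acting when the shape is wrong. The function name extract_evaluation, the return value 1 for a skipped event, and both sample events are assumptions constructed for illustration; only the key path, complianceResourceId and annotation come from the question's code.

```python
import json

# Key path the handler in the question reads; nothing else about the event is assumed.
REQUIRED_PATH = ("detail", "requestParameters", "evaluations")


def extract_evaluation(event):
    """Return (bucket_name, annotation), or None if the event has another shape."""
    node = event
    for key in REQUIRED_PATH:
        if not isinstance(node, dict) or key not in node:
            # Log a bounded copy of the event so the real structure shows up in the logs.
            print("Unexpected event, missing %r: %s"
                  % (key, json.dumps(event, default=str)[:500]))
            return None
        node = node[key]
    if not isinstance(node, list) or not node or not isinstance(node[0], dict):
        print("Event carries no evaluations; nothing to do.")
        return None
    bucket = node[0].get("complianceResourceId")
    annotation = node[0].get("annotation")
    if not isinstance(bucket, str) or not bucket or not isinstance(annotation, str):
        print("Evaluation lacks complianceResourceId or annotation.")
        return None
    return bucket, annotation


def lambda_handler(event, context):
    parsed = extract_evaluation(event)
    if parsed is None:
        return 1  # hypothetical "skipped" code: exit before any bucket is touched
    bucket_name, compliance_failure = parsed
    # The ACL / policy branches from the question's handler would run here.
    return 0


# Constructed sample events (not captured from AWS).
CONSOLE_TEST_EVENT = {"key1": "value1", "key2": "value2", "key3": "value3"}
CONFIG_EVENT = {"detail": {"requestParameters": {"evaluations": [{
    "complianceResourceId": "example-bucket",
    "annotation": "The S3 bucket ACL allows public read access.",
}]}}}

if __name__ == "__main__":
    print(lambda_handler(CONSOLE_TEST_EVENT, None))  # skipped, no KeyError
    print(extract_evaluation(CONFIG_EVENT))
```

Because the handler changes bucket ACLs, returning early on a malformed event also keeps it from acting on a bucket name taken from an event it does not understand.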