按照接受的答案 here ,我尝试配置 API 网关以使用 POST 而不是 GET 向 SQS 发送消息(我能够使 GET 工作)。使用 POST 时,我得到以下响应:
<AccessDeniedException>
<Message>Unable to determine service/operation name to be authorized</Message>
</AccessDeniedException>
这是我的映射模板的配置方式
#set($clientKey = $input.params('clientkey'))
#set($url = "https://sqs.us-east-2.amazonaws.com/XXXXXXXX/SomeQueuePrefix-${clientKey}-SomeQueueEnvironment.fifo")
Action=SendMessage##
&QueueUrl=$util.urlEncode($url)##
&MessageGroupId=$input.params('messageGroupId')##
&MessageDeduplicationId=1##
&MessageBody=$util.urlEncode($input.body)
看起来它正确地映射了 body
Wed Nov 14 20:39:44 UTC 2018 : Endpoint request body after transformations: Action=SendMessage&QueueUrl=https%3A%2F%2Fsqs.us-east-2.amazonaws.com%2FXXXXXXXXX%2FSomeQueuePrefix-TEST-SomeQueueEnvironment.fifo&MessageGroupId=3&MessageDeduplicationId=1&MessageBody=%7B%0A++++%22configurationId%22%3A+1%0A%7D
Wed Nov 14 20:39:44 UTC 2018 : Sending request to https://sqs.us-east-1.amazonaws.com//
Screenshot of my Integration Request setup
我的 IAM 政策:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Resource": [
"arn:aws:sqs:us-east-1:XXXXXXXXX:CADAUTO-*-DEV.fifo"
],
"Action": [
"sqs:SendMessage",
"sqs:ReceiveMessage",
"sqs:DeleteMessage"
]
}
]
}
有人能明白为什么这不起作用吗?
最佳答案
SQS 期望内容类型为“Content-Type”到“application/x-www-form-urlencoded”。在 API 网关设置中的 HTTP header 中设置它解决了我的问题。
关于amazon-web-services - 使用 API Gateway POST 到 SQS 时无法确定要授权的服务/操作名称,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53308645/