可能是由于 Lambda 函数的执行角色没有足够的权限来执行 'ping' 命令导致的。为了解决这个问题,需要通过修改 Lambda 函数的执行角色来授予它足够的权限。
以下是一些可能有用的步骤:
-
打开 AWS IAM 控制台,找到你的 Lambda 函数的执行角色。 默认情况下,这个角色的名称应该是类似于'lambda-execute-role”的。
-
编辑这个角色,为它添加一个新的权限策略,以允许执行 'ping' 命令。下面是一个示例的策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:",
"ec2:DescribeInstances",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:RevokeSecurityGroupIngress",
"ec2:CreateSecurityGroup"
],
"Resource": ""
},
{
"Effect": "Allow",
"Action": [
"lambda:InvokeFunction"
],
"Resource": "arn:aws:lambda:::function:"
},
{
"Effect": "Allow",
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DetachNetworkInterface",
"ec2:AttachNetworkInterface"
],
"Resource": ""
},
{
"Effect": "Allow",
"Action": [
"ec2:DescribeAvailabilityZones",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeNetworkAcls",
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Resource": ""
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject"
],
"Resource": "arn:aws:s3:::/*"
},
{
"Effect": "Allow",
"Action": [
"sns:Publish"
],
"Resource": "arn:aws:sns:::"
},
{
"Effect": "Allow",
"Action":
