0

我有以下片段:

const SellingPartnerAPI = require('amazon-sp-api');

process.env.SELLING_PARTNER_APP_CLIENT_ID = "..."
process.env.SELLING_PARTNER_APP_CLIENT_SECRET = "..."
process.env.AWS_ACCESS_KEY_ID = "..."
process.env.AWS_SECRET_ACCESS_KEY = "..."
process.env.AWS_SELLING_PARTNER_ROLE = "SellingPartnerAPIRole"

const TOKEN = '...';

(async () => {
    try {
        let sellingPartner = new SellingPartnerAPI({
          region: "eu",
          refresh_token: TOKEN
        });
        let res = await sellingPartner.callAPI({
          operation:'getCompetitivePricing',
          endpoint:'productPricing'
        });
        console.log(res);
    } catch (e) {
        console.error(e)
    }
})()

这失败是这样的:

{ code: 'AccessDenied',
  message:
     'User: arn:aws:iam::7xxxx9:user/XXX is not authorized to 
     perform: sts:AssumeRole on resource: SellingPartnerAPIRole',
  type: 'error' }

我不明白为什么会失败,因为我只是按照官方文档创建了 IAM 用户、IAM 策略、IAM 角色,然后设置了这个 Node.js 脚本。

我想获取给定 ASIN 的元数据,但现在它只是以AccessDenied.

我该如何解决这个问题?

4

1 回答 1

1

arn:aws:iam::99999:role/role-name如果 iam 用户有 sts 政策,应该是这样。(不是用户 ARN)

process.env.AWS_SELLING_PARTNER_ROLE = "arn:aws:iam::99999:role/role-name"
于 2021-09-19T19:13:09.300 回答