title	description	position	category
service_role简介	No permission to assume the role	8	概述

service_role简介

比如用户执行部署函数的时候，如 s deploy 出现了如下错误：

Message:  POST /services failed with 403. requestid: 133be885-1682-4590-9fcf-6dbb3111cb1d, message: No permission to assume the role 'acs:ram::123456789:role/xx-test' for you

原因是您配置的 service role 的授信体不是 FC 这个服务，比如 acs:ram::123456789:role/xx-test

{
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "RAM": ["acs:ram::987654321:root"]
      }
    }
  ],
  "Version": "1"
}

授信的是 987654321 这个云账号，真正需要授信的是 fc

{
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Effect": "Allow",
      "Principal": {
        "Service": ["fc.aliyuncs.com"]
      }
    }
  ],
  "Version": "1"
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

service_role.md

service_role.md

service_role简介

Files

service_role.md

Latest commit

History

service_role.md

File metadata and controls

service_role简介