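I'm trying to do something very simple. I want to use the Serverless Framework to create a Lambda function and an S3 bucket, and make the Lambda function the event handler for the S3 bucket. Here is my definition file: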
service: test-project
provider:
  name: aws
  stage: ${opt:stage, 'dev'}
  runtime: nodejs8.10
  endpointType: REGIONAL
  role: arn:aws:iam::xxxxx:role/lambda_role
functions:
  MyEventHandler:
    name: fn
    handler: src/fn.handler
    events:
      - s3: container
resources:
  Resources:
    S3BucketContainer:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: the-container-bucket
But when I run:
$ sls deploy --region us-east-1 --stage dev
I get:
Serverless: Operation failed!
Serverless Error ---------------------------------------
An error occurred: S3BucketContainer - Unable to validate the following destination configurations (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument; Request ID: xxxxx; S3 Extended Request ID: xxxxx).
Get Support --------------------------------------------
Docs: docs.serverless.com
Bugs: github.com/serverless/serverless/issues
Issues: forum.serverless.com
Your Environment Information -----------------------------
OS: linux
Node Version: 8.10.0
Serverless Version: 1.34.1
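Does anyone know what's wrong?
Answer 0 (score: 1)
The error message is scary, but correct.
It is trying to create the bucket with config to send notifications to your lambda. At this point in the deployment, the lambda has not yet granted the bucket invoke permission, so the bucket creation fails.
If you hadn't specified a custom bucket resource (to change the bucket name), serverless would have added the dependency automatically.
All that said, you are not the first, and the docs have been updated to reflect this issue.
Add this extra resource, and apparently (see below) it should work: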
resources:
  Resources:
    MyEventHandlerLambdaPermissionContainerS3:
      Type: AWS::Lambda::Permission
      Properties:
        FunctionName:
          "Fn::GetAtt":
            - MyEventHandlerLambda
            - Arn
        Principal: "s3.amazonaws.com"
        Action: "lambda:InvokeFunction"
        SourceAccount:
          Ref: AWS::AccountId
        SourceArn: "arn:aws:s3:::the-container-bucket"
I say apparently because I've solved this using DependsOn to control the ordering in CloudFormation (see here).
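
A pre-deploy check for the ordering problem described in the answer above, as an added example that is not part of the original post or of the Serverless Framework. It assumes the CloudFormation template is already loaded as a Python dict; `check_template` and `sample` are hypothetical names, and the sample template is constructed from the logical ids and bucket name on this page.

```python
def _target(ref):
    """Logical id behind {"Fn::GetAtt": [id, "Arn"]} or {"Ref": id}; strings pass through."""
    if isinstance(ref, dict):
        return ref["Fn::GetAtt"][0] if "Fn::GetAtt" in ref else ref.get("Ref")
    return ref

def check_template(template):
    """Return findings for S3 -> Lambda notifications; an empty list means none."""
    res = template["Resources"]
    perms = {lid: r["Properties"] for lid, r in res.items()
             if r["Type"] == "AWS::Lambda::Permission"
             and r["Properties"].get("Principal") == "s3.amazonaws.com"}
    findings = []
    for lid, r in res.items():
        if r["Type"] != "AWS::S3::Bucket":
            continue
        dep = r.get("DependsOn", [])
        depends = {dep} if isinstance(dep, str) else set(dep)
        notif = r.get("Properties", {}).get("NotificationConfiguration", {})
        for cfg in notif.get("LambdaConfigurations", []):
            fn = _target(cfg["Function"])
            matching = [p for p in perms if _target(perms[p]["FunctionName"]) == fn]
            if not matching:
                findings.append(f"{lid}: no s3.amazonaws.com permission for {fn}")
            elif not depends & set(matching):
                findings.append(f"{lid}: no DependsOn on {matching[0]}")
            for p in matching:
                if "SourceArn" not in perms[p]:
                    findings.append(f"{p}: permission is not scoped with SourceArn")
    return findings

def sample(with_permission, with_depends_on):
    """Constructed template using the logical ids and bucket name from this page."""
    fn_arn = {"Fn::GetAtt": ["MyEventHandlerLambda", "Arn"]}
    perm_id = "MyEventHandlerLambdaPermissionContainerS3"
    bucket = {"Type": "AWS::S3::Bucket", "Properties": {
        "BucketName": "the-container-bucket",
        "NotificationConfiguration": {"LambdaConfigurations": [
            {"Event": "s3:ObjectCreated:*", "Function": fn_arn}]}}}
    resources = {"S3BucketContainer": bucket}
    if with_permission:
        resources[perm_id] = {"Type": "AWS::Lambda::Permission", "Properties": {
            "FunctionName": fn_arn, "Principal": "s3.amazonaws.com",
            "Action": "lambda:InvokeFunction",
            "SourceAccount": {"Ref": "AWS::AccountId"},
            "SourceArn": "arn:aws:s3:::the-container-bucket"}}
    if with_depends_on:
        bucket["DependsOn"] = [perm_id]
    return {"Resources": resources}
```

Calling `check_template(sample(True, False))` reports the bucket that has a matching permission but no `DependsOn` on it, which is the state that lets CloudFormation create the bucket before the permission exists.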