Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to add bucket permission in serverless.yml

Tags:

amazon-web-services

amazon-s3

aws-lambda

serverless-framework

I have following serverless.yml file, when I deploy it gives me permission denied on product-image-dev bucket, how do I set permission in iamRoleStatements or it has to be set somewhere else. 

service: imagecrops

provider:
  name: aws
  runtime: nodejs4.3
  memorySize: 1024 
  timeout: 20 
  satege: dev

  iamRoleStatements:
      - Effect: "Allow"
        Action:
          - "s3:*"
        Resource:
          - { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ]]}


package:
  include:
    - bin
    - libs
  exclude:
    - tests
    - serverless-nodejs-image

functions:
  cropImage:
    handler: handler.cropImage
    description: Crops images, from S3 bucket and puts into new folder
    events:
      - s3:
          bucket: product-images-dev
          event: s3:ObjectCreated:*
          rules:
            - prefix: uploads/
like image 349
Mukesh Yadav Avatar asked Dec 17 '16 11:12

Mukesh Yadav

People also ask

Is S3 Bucket serverless?

In the Serverless Framework, S3 is most often used as a source for events in Serverless functions. For example, a Serverless function can be triggered when an object in an S3 bucket is created or modified, with rules available to filter for the specific requests you want to call the functions.

How do you add permissions to a lambda function?

Open the Functions page of the Lambda console. Choose a function. Choose Configuration and then choose Permissions.

How do I pass environment variables to serverless?

To reference environment variables, use the ${env:SOME_VAR} syntax in your serverless. yml configuration file. It is valid to use the empty string in place of SOME_VAR . This looks like " ${env:} " and the result of declaring this in your serverless.

How do you refer a property in yml serverless?

To self-reference properties in serverless. yml , use the ${self:someProperty} syntax in your serverless. yml .

1 Answers

I changed my serverless.yml file as following and it started reading. 

service: imagecrops

provider:
  name: aws
  runtime: nodejs4.3
  memorySize: 1024 
  timeout: 20 
  satege: dev

  iamRoleStatements:
      - Effect: "Allow"
        Action:
          - "s3:*"
        Resource:
          - { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ]]}
          - "arn:aws:s3:::product-images-dev/*"


package:
  include:
    - bin
    - libs
  exclude:
    - tests
    - serverless-nodejs-image

functions:
  cropImage:
    handler: handler.cropImage
    description: Crops images, from S3 bucket and puts into new folder
    events:
      - s3:
          bucket: product-images-dev
          event: s3:ObjectCreated:*
          rules:
            - prefix: uploads/
like image 52
Mukesh Yadav Avatar answered Oct 27 '22 13:10

Mukesh Yadav
Sign in to Comment

Related questions

How can I increase my AWS s3 upload speed when using boto3?
How to do RDS IAM Authentication with Django?
How to throw HTTP error code with AWS Lambda using Lambda Proxy?
Template format error: Every Mappings attribute must be a String or a List
MalformedPolicyDocument when calling the CreatePolicy operation - AWS
What's the use case for RoleSessionName when assuming a role in AWS and how it affects the performance
AWS API Gateway {"message":"Missing Authentication Token"}
'Credential is missing' Error On Instantiating S3 Class Using AWS-SDK JS V3
security settings between Amazon EC2 instance and heroku
delete S3 object
Why might the CIDR/IP in DB security group be different from instance elastic IP?
Using AWS S3 for photo storage
Amazon S3 Write Only access
Error trying to install libjpeg-devel with elastic beanstalk
How to set S3 bucket policy to (mostly) private when object acl is public?
Python cassandra driver: Invalid or unsupported protocol version: 4
Amazon SES display sender name using PHP?
IAM AWS S3 to restrict to a specific sub-folder
Putting/Updating item in DynamoDB fails for the UpdateExpression syntax
Why is the pricing of t2.large similar to m4.large?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!