Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to add bucket permission in serverless.yml

I have following serverless.yml file, when I deploy it gives me permission denied on product-image-dev bucket, how do I set permission in iamRoleStatements or it has to be set somewhere else.

service: imagecrops

provider:
  name: aws
  runtime: nodejs4.3
  memorySize: 1024 
  timeout: 20 
  satege: dev

  iamRoleStatements:
      - Effect: "Allow"
        Action:
          - "s3:*"
        Resource:
          - { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ]]}


package:
  include:
    - bin
    - libs
  exclude:
    - tests
    - serverless-nodejs-image

functions:
  cropImage:
    handler: handler.cropImage
    description: Crops images, from S3 bucket and puts into new folder
    events:
      - s3:
          bucket: product-images-dev
          event: s3:ObjectCreated:*
          rules:
            - prefix: uploads/
like image 349
Mukesh Yadav Avatar asked Dec 17 '16 11:12

Mukesh Yadav


People also ask

Is S3 Bucket serverless?

In the Serverless Framework, S3 is most often used as a source for events in Serverless functions. For example, a Serverless function can be triggered when an object in an S3 bucket is created or modified, with rules available to filter for the specific requests you want to call the functions.

How do you add permissions to a lambda function?

Open the Functions page of the Lambda console. Choose a function. Choose Configuration and then choose Permissions.

How do I pass environment variables to serverless?

To reference environment variables, use the ${env:SOME_VAR} syntax in your serverless. yml configuration file. It is valid to use the empty string in place of SOME_VAR . This looks like " ${env:} " and the result of declaring this in your serverless.

How do you refer a property in yml serverless?

To self-reference properties in serverless. yml , use the ${self:someProperty} syntax in your serverless. yml .


1 Answers

I changed my serverless.yml file as following and it started reading.

service: imagecrops

provider:
  name: aws
  runtime: nodejs4.3
  memorySize: 1024 
  timeout: 20 
  satege: dev

  iamRoleStatements:
      - Effect: "Allow"
        Action:
          - "s3:*"
        Resource:
          - { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ]]}
          - "arn:aws:s3:::product-images-dev/*"


package:
  include:
    - bin
    - libs
  exclude:
    - tests
    - serverless-nodejs-image

functions:
  cropImage:
    handler: handler.cropImage
    description: Crops images, from S3 bucket and puts into new folder
    events:
      - s3:
          bucket: product-images-dev
          event: s3:ObjectCreated:*
          rules:
            - prefix: uploads/
like image 52
Mukesh Yadav Avatar answered Oct 27 '22 13:10

Mukesh Yadav