I’ve got a custom role defined for my lambda but when deploying it seems to be failing though not all the time.
Here’s what my serverless.yml looks like:
service: reverseProxyCheck # NOTE: update this with your service name
frameworkVersion: ">=1.28.0 <2.0.0"
provider:
name: aws
runtime: go1.x
package:
exclude:
- ./**
include:
- ./bin/**
functions:
reverseProxyCheck:
handler: bin/lambda
timeout: 300
name: reverseProxyCheck
role: rvsHealthCheckRole
environment:
PROXY_ADDRESS: ${opt:proxy-address}
SDB_DOMAIN_NAME: !Ref reverseProxyDB
events:
- schedule:
name: rvs-health-check-event
description: "Scheduled event to check on the health of the reverse proxy"
rate: rate(1 minute)
resources:
Resources:
reverseProxyDB:
Type: AWS::SDB::Domain
Properties:
Description: "DB to keep track of the reverse proxy's current state"
rvsHealthCheckRole:
Type: AWS::IAM::Role
Properties:
Path: /
RoleName: rvsHealthCheckRole
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: rvsHealthCheckRole
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action:
- "logs:*"
- "firehose:*"
- "s3:*"
- "sdb:*"
Resource:
- "*"
Outputs:
ReverseProxyDBName:
Description: "Reverse Proxy DB DomainName"
Value: !Ref reverseProxyDB
When it fails this is the serverless error I’m seeing:
The role defined for the function cannot be assumed by Lambda.
It seems like a timing issue to me as it does succeed most of the time locally, but when I run it through CircleCI it fails at least 50% of the time.
Am I missing anything?