himadri
September 7, 2017, 1:45pm
1
When I am adding the following code in serverless.yml file
provider:
name: aws
runtime: python3.6
stage: dev
region: [REGION]
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource: { "Fn::Join": ["", ["arn:aws:s3:::", { "Ref": [BUCKET NAME] }, "/*" ] ] }
On deployment, I am getting “The CloudFormation template is invalid: Circular dependency between resources:”
I am using boto3 with python3 to get the private file that is uploaded to the S3 bucket after the trigger event so like to give the permission to Lambda function for that bucket.
@himadri : Could you add a little more information on this? In particular, it’d be helpful to have:
The version of serverless you’re running (sls version
);
The full serverless.yml
, or at least as much as you can show. Having the resources
section in particular will be helpful.
himadri
September 7, 2017, 3:01pm
3
Sory my mistake. SLS version 1.21.1. And here is the full version of my serverless.yml file.
service: [SERVICE NAME]
frameworkVersion: ">=1.21.1"
provider:
name: aws
runtime: python3.6
stage: dev
region: [REGION]
iamRoleStatements:
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource: { "Fn::Join": ["", ["arn:aws:s3:::", { "Ref": "[S3BucketBUCKET_NAME]" }, "/*" ] ] }
- Effect: "Allow"
Action:
- "s3:ListBucket"
Resource: { "Fn::Join": ["", ["arn:aws:s3:::", { "Ref": "[S3BucketANOTHER_BUCKET_NAME]" } ] ] }
- Effect: "Allow"
Action:
- "s3:PutObject"
Resource: { "Fn::Join": ["", ["arn:aws:s3:::", { "Ref": "[S3BucketANOTHER_BUCKET_NAME]" }, "/*" ] ] }
- Effect: "Allow"
Action:
- "s3:ListBucket"
Resource: { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "ServerlessDeploymentBucket" } ] ] }
- Effect: "Allow"
Action:
- "s3:PutObject"
Resource:
Fn::Join:
- ""
- - "arn:aws:s3:::"
- "Ref" : "ServerlessDeploymentBucket"
- "/*"
functions:
[FUNCTION NAME]:
handler: handler.[HANDLER_NAME]
events:
- s3:
bucket: [BUCKET_NAME]
event: s3:ObjectCreated:*
rules:
- suffix: [SUFFIX]
[ANOTHER FUNCTION NAME]:
handler: handler.[HANDLER_NAME]
events:
- s3:
bucket: [BUCKET_NAME]
event: s3:ObjectCreated:*
rules:
- suffix: [SUFFIX]
package:
exclude:
- node_modules/**
- venv/**
- .requirements/**
- package.json
- requirements.txt
- .requirements.zip
resources:
Resources:
S3BucketBUCKET_NAME:
Type: AWS::S3::Bucket
Properties:
CorsConfiguration:
CorsRules:
- AllowedHeaders:
- "*"
AllowedMethods:
- GET
- POST
- PUT
AllowedOrigins:
- "*"
S3BucketANOTHER_BUCKET_NAME:
Type: AWS::S3::Bucket
Properties:
BucketName: [ANOTHER_BUCKET_NAME]
plugins:
- serverless-python-requirements
custom:
pythonRequirements:
zip: true
himadri
September 7, 2017, 3:35pm
4
Have you seen the serverless.yml file?