Lambda created *-*-custom-resource-apigw-cw-role, what is it?

I just upgraded to Serverless 1.53.0 and deployed a very simple project (1 Lambda and API Gateway). I noticed a new Lambda was created [service]-[stage]-custom-resource-apigw-cw-role. What is this Lambda and what does it do? How often is it executed, memory usage etc…

3 Likes

From what I gather it’s a lambda function used to dynamically define the “CloudWatch log role ARN” property (as part of CloudFormation custom resources feature). This property seems to be an account property (can be controlled in the web console under API Gateway > Settings.
I didn’t find yet how to disable its creation or control it. This is left as a question to the audience.
I’d personally rather not have it run nor created, and in the process avoid giving the serverless user/role too many permissions.

You have provided information to connect to serverless dashboard at serverless.yml file. Probably the auto crated lambda function sends some information from AWS to serverless dashboard. To turn off this auto creation simply remove “app” and “org” from serverless.yml.
app: hello
org: DemoOrg

I have my serverless definition without app and org and still create this function… any know how to avoid it?

I tested using a shared api gateway and using a shared role for the lambda invocations and nothing…

Hi,
If you have below in your serverless.yml:

provider:
    logs:
        restApi: true

Then change from true to false works for me, if you can see the folder where you actually package all your code, the zip file “custom-resource.zip” is gone.
Hope this helps.

Version info:

Serverless: Running "serverless" installed locally (in service node_modules)
Framework Core: 2.64.1 (local)
Plugin: 5.5.0
SDK: 4.3.0
Components: 3.17.1

Cheers

Hello guys,
Does anybody know how to disable creation of this function? I cannot find the place in the code where that function creation is enabled.

I appreciate the help.

The functions serves a very specific purpose and is related to limitations with AWS CloudFormation. The Serverless Framework is designed to make use of CloudFormation for a number of reasons. However, in a lot of cases, there are features that we and users want to use that is actually not supported by CloudFormation. In order to help solve the issue that CloudFormation may not support certain features very quickly, AWS introduced a feature called custom resources (Custom resources - AWS CloudFormation) that allows someone to deploy a Lambda function that contains requests to the AWS SDK to create, destroy, etc resources in an AWS as if it was a part of CloudFormation already.

That is the function that every one is seeing. And back when Node 12 was the latest version of Node, this function would have been deployed as a Node 12 function. Now that Node 12 is deprecated by AWS, there are issues being created, usually when someone attempts to push an update, it fails, and the CloudFormation rollback process attempts to rollback that Node 12 function and Lambda responds with an error.

The way I have seen users correct this is go to the Lambda service, find the function and edit the runtime setting for that function in the AWS Console to something like Node 14 or higher then retry the rollback.

Thanks for your help garethmcc. Changing the runtime worked.