Requires capabilities error serverless deploy

Serverless Framework
,
1

I am defining custom roles in serverless.yaml and got the below error on serverless deploy

Requires capabilities : [CAPABILITY_NAMED_IAM]

Where to define the capability in serverless.yaml to resolve the error ?

2

how are you defining a custom role?

3

Hi,

The custom role is defined in resources section of serverless.xml. Here is the extract:

resources:
  Resources:
    StreamFunctionEventSourceMappingDynamodbMyTable1:
      Type: AWS::Lambda::EventSourceMapping
      DependsOn: IamPolicyLambdaExecution
      Properties:
        BatchSize: 100
        EventSourceArn: arn:aws:dynamodb:us-east-1:XX:table/tablename/stream/2016-11-07T17:00:04.145
        FunctionName: a
        StartingPosition: LATEST
        Enabled: True
    StreamFunctionEventSourceMappingDynamodbMyTable2:
      Type: AWS::Lambda::EventSourceMapping
      DependsOn: IamPolicyLambdaExecution
      Properties:
        BatchSize: 100
        EventSourceArn: arn:aws:dynamodb:us-east-1:XX:table/tablename/stream/2016-11-07T17:00:04.145
        FunctionName: c
        StartingPosition: LATEST
        Enabled: True
    myCustRole0:
      Type: AWS::IAM::Role
      Properties:
        Path: /
        RoleName: myRole
        AssumeRolePolicyDocument:
          Version: '2017'
          Statement:
            - Effect: Allow
              Principal:
                Service:
                  - lambda.amazonaws.com
              Action: sts:AssumeRole
        Policies:
          - PolicyName: myPolicy
            PolicyDocument:
              Version: '2017'
              Statement:
                - Effect: Allow
                  Action:
                    - logs:CreateLogGroup
                    - logs:CreateLogStream
                    - logs:PutLogEvents
                  Resource: 
                    - arn:aws:logs:us-east-1:XX:log-group:/aws/lambda/a:*:*
                    - arn:aws:logs:us-east-1:XX:log-group:/aws/lambda/b:*:*
                    - arn:aws:logs:us-east-1:XX:log-group:/aws/lambda/c:*:*
                - Effect: Allow
                  Action:
                    - dynamodb:DescribeStream
                    - dynamodb:GetRecords
                    - dynamodb:GetShardIterator
                    - dynamodb:ListStreams
                  Resource: arn:aws:dynamodb:us-east-1:XX:table/tablename/stream/2016-11-07T17:00:04.145
                - Effect: Allow
                  Action:
                    - dynamodb:*
                    - swf:*
                    - cloudwatch:DeleteAlarms
                    - cloudwatch:DescribeAlarmHistory
                    - cloudwatch:DescribeAlarms
                    - cloudwatch:DescribeAlarmsForMetric
                    - cloudwatch:GetMetricStatistics
                    - cloudwatch:ListMetrics
                    - cloudwatch:PutMetricAlarm
                  Resource: "*"
4

I have updated the serverless version from 1.1.0 to 1.3.0 and no longer seeing the reported error. However, i do see a new error:

Serverless Error ---------------------------------------
 
     Template format error: Unresolved resource dependencies
     [IamPolicyLambdaExecution] in the Resources block of
     the template
5

Please help me on the issue reported

6

There’s something wrong with your template, have you checked it with sls deploy --noDeploy and looking at the .serverless/cloudformation-template-update-stack.json file?