Comments (4)
@BartusZak Please make sure that the default iamRoleStatements
stored under provider
in configuration tree like that:
custom: ${file(../serverless.common.yml):custom}
provider: # <-- difference is here
iamRoleStatements:
- ${file(../serverless.common.yml):lambdaPolicyXRay}
- Effect: Allow
Action:
- dynamodb:Query
Resource: !Sub "arn:aws:dynamodb:${self:provider.region}:${AWS::AccountId}:table/${self:provider.environment.MULTIBOOKS_DYNAMODB_TABLE}/index/*"
functions:
currentUserList:
handler: handlers/currentUser/list.handler
# iamRoleStatementsInherit: true <-- i still have to explicitly declare it to make it inherit
iamRoleStatements:
- Effect: "Allow"
Action:
- dynamodb:GetItem
Resource:
- !Sub "arn:aws:dynamodb:${self:provider.region}:${AWS::AccountId}:table/${self:provider.environment.USERS_DYNAMODB_TABLE}"
- !Sub "arn:aws:dynamodb:${self:provider.region}:${AWS::AccountId}:table/${self:provider.environment.RELEASES_DYNAMODB_TABLE}"
from serverless-iam-roles-per-function.
@Enase thanks for comment.
Missing provider
is not the problem here.
Originally it's there. I just have cut too much and forgot to include it in my comment. :D
I edited the first comment.
Any other bets? :)
from serverless-iam-roles-per-function.
@BartusZak could you please do the following:
- open plugin source file in your project. Path sample
/node_modules/serverless-iam-roles-per-function/dist/lib/index.js
- Go to string #317 -
node_modules/serverless-iam-roles-per-function/dist/lib/index.js:317
- Add console logs like below
const isInherit = functionObject.iamRoleStatementsInherit
|| (this.defaultInherit && functionObject.iamRoleStatementsInherit !== false);
console.log('Default inherit state:', this.defaultInherit);
console.log('Function inherit state:', functionObject.iamRoleStatementsInherit);
- Run
sls package
and try to find out why yourisInherit
value is false.
from serverless-iam-roles-per-function.
@BartusZak any updates?
from serverless-iam-roles-per-function.
Related Issues (20)
- Global Role Name is not in expected format HOT 1
- Adding disableLogs: true to lambda config makes plugin throw an error HOT 3
- Allow tagging the IAM role
- Aws Lambda is not authorized to perform: SNS:Publish on resource: +358
- How can we acheive IAM path per function? HOT 2
- Is it possible to attach managed policy? HOT 3
- The plugin serverless-iam-roles-per-function isn't being recognized HOT 1
- Define iamGlobalPermissionsBoundary in the .yml?
- Typescript definitions? HOT 3
- Configuration error: at 'provider.iam.role.statements.1.Action.0': must be string HOT 1
- Conform to SLS v3 `iam` format? HOT 1
- Throws error when using 'disableLogs' on functions
- iamGlobalPermissionsBoundary is required, but not read HOT 1
- Deprecation warning: provider.iamRoleStatements" -> "provider.iam.role.statements HOT 5
- auto-generated role name too long, but managing manual role names too brittle HOT 2
- Role inheritance seems broken with provider.iam.role.statements HOT 2
- Overides iamManagedPolicies even with iamRoleStatementsInherit flag HOT 4
- Serverless Framework v3: integrating with the new design HOT 1
- Fine grained access control using leading keys in dynamo
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from serverless-iam-roles-per-function.