Hi all, I’m learning the Serverless Framework, serverless, and AWS in general through a little side project. Thanks for having this place for questions and chat! Here’s what I’m bumping up against right now:

functions:
  listShowNoteSets:
    handler: functions/listShowNoteSets.main
    events:
      - http:
          path: shownotes/{PK}
          method: get
          cors: true

A function definition like that, without

authorizer: aws_iam

in it should still be generally accessible by an unauthorized request? I’m getting a

Missing Authentication Token

message back. I can see in API Gateway where there is no authorization required for the path. The lambda function itself only reads data and works when I’m logged in with a Cognito user. Do you have any pointers where this could be blocked? Cognito seems like a spot but I haven’t gotten into that and it my next target. Thanks for any advice!

Hi all, is there any guide to migrate the

serverless-bundle

from v.2.0.0 to v4.2.0? I am having problems deploying, due to a memory overflow, caused by two things:

ForkTsCheckerWebpackPlugin

and

package: individually: true

, and I read that in the newest version is solved, but I keep getting errors.

This is my first foray into CDK, so I'm likely missing something very obvious 🙂

Hello everyone. So I have a question about project organization: I created a repo to build my infrastructure code (with sst), but I'm using multiple regions (namely I have some legacy code and RDS running in us-west-2 and the new things are running in us-east-1) and not sure what is the best approach to manage that. The first thing that came to my mind was to split the repo creating root folders per region and each folder having its own

sst.json

Does it make sense or there's a more elegant way? btw, should I ask this type of question here or in the #sst channel? 🙂

Hello everyone. I want to know what you think is better to organize stacks: by service or by feature? Or there is a better way?

Hello again... I'm having this problem with lambda networking inside VPC. It's happening in a function I deployed yesterday. This function calls secrets manager to get the credentials and connects to a MySQL DB in RDS. It also makes some calls to the internet. I'm getting timeout errors and when I check the serverless console it shows the

getSecretValue()

being the cause as far as I understand. It's very weird because: • All the functions are in the same

serverless.yml

and share the same VPC configuration (which is already set up to allow internet access) and the other functions with the same type of calls (SecretsManager, RDS, and external addresses) work perfectly; • It doesn't seem to be an external access problem because the HTTP calls to the Internet work fine, only the secrets manager get stuck; • I noticed that if I change the internet address I'm calling for another (e.g. google.com) it works without timing out the

getSecretValue()

call. • Since the external address, in this case, is another lambda, I tested calling it directly by using the AWS SDK instead of making an HTTP request (via axios), but in this case, the timeout happens again :S Any clues? Has anyone already passed for a similar problem?

Howdy. Beginner SST question here. I wish to be able to use the local, live Lambda development feature for my lambdas (shortening the code-2-test time is so critical). I'm currently using Serverless and have 68 lambdas as well as infrastructure with some buckets, DDB tables, cognito, custom domains etc. There are both public endpoints as well as private ones. To be able to use live dev, I need to define my lambdas in SST, right? Would it be possible then to just define 1 or 2 lambdas in SST, deploy the mock stubs and have the rest of my setup be defined in SLS? So, I deploy the mock stubs by defining them in SST and overwriting the previously deployed functions and run

sst start

. When I'm done developing, I deploy again to make sure I replace the mocked functions. Is this correctly understood? Thank you for your time!

I get a bunch of errors regarding linting. I have tried to add a

.eslintignore

file with just a single

*

in, but lines like these spam my screen on `sst start`:

/Users/pal/dev/peasy/node_modules/@aws-cdk/cx-api/lib/cloud-assembly.js
 0:0 warning File ignored by default. Use "--ignore-pattern '!node_modules/*'" to override

That a file is (correctly) ignored seems like TMI. Any ideas on how to supress this?

Getting

*Unzipped size must be smaller than 250956732 bytes*

for a small function now. Looking in

.build

it does not look good. Will investigate, but if anybody here recognizes the problem, please let me know 🙂

Hi - I’m struggling to get images returned through a serverless defined AWS configuration. Apologies for the long post but wanted to share the detail since there are various stages. I have a API Gateway resource that calls a lambda function to retrieve an image from an S3 bucket. The image is confirmed to be in the bucket and I can download it from the console it can opened and viewed fine. In serverless.ts I have:

OMWGetThumbPhoto: {
  handler: '.build/main/handler/someHandler.handleGetThumb',
  layers: [
    sharpLayerArn
  ],
  events: [
    {
      http: {
        method: 'get',
        path: 'resourceConfig/{resourceId}/thumb',
        cors: true                  
      }
    }
  ]
},

In the code lambda function the image is retrieved like this:

public static async getFileByName(bucket: string, name: string): Promise<AWS.S3.GetObjectOutput> {
  const s3 = S3Factory.getS3();
  const getObjectParams: GetObjectRequest = {
    Bucket: bucket,
    Key: name,
  };
  return s3.getObject(getObjectParams).promise();
}

The data for the response is built like this (none of the exceptions throw and image is determined to be of type image/png):

public static async getPhotoByName(name: string, fullsize = true): Promise<PhotoAndMime> {
  const photoName = fullsize ? name : `${this.SMALL_PHOTO_PREFIX}${name}`;

  const photo = await FileStorage.getFileByName(this.getBucketId(), photoName);

  if (!photo || !photo.Body) throw new Error(`Failed to retrieve image file for photo '${photoName}'`);
  let photoStr = '';
  const base64Photo = photo.Body.toString('base64');
  const type = await FileType.fromBuffer(photo.Body as Buffer);
  if (!type) throw new Error(`Invalid or missing image type for for photo '${photoName}'`);
  <http://log.info|log.info>(`File Type determined to be: ${type.mime}`);
  photoStr = `data:${type.mime};base64,${base64Photo}`;

  return { photo: photoStr, mimeType: type.mime };
}

Then the response is returned like this

async function handleGetCommon(event: APIGatewayProxyEvent, fullSize: boolean): Promise<APIGatewayProxyResult> {
  let response: APIGatewayProxyResult;
  try {
    const result = await ResourcePhotoService.getPhotoById(resourceId, datasetId, fullSize);

    if (result) {
      response = {
        statusCode: 200,
        headers: { 'Content-Type': result.mimeType },
        body: result.photo,
        isBase64Encoded: true,
      };
    } else {
      response = { statusCode: 204, body: '' };
    }
  } catch (err) {
    response = HandlerUtils.handleCaughtError(err, `Could not retrieve resource config photo`);
  }

  Utils.addCorsHeaders(response);
  return response;
}

The web application that calls the API Gateway uses axios like this:

const { data } = await axios.get(url, {
  headers: {
    accept: 'image/jpg, image/png',
    Authorization: `Bearer ${token}`,
  },
  responseType: 'arraybuffer',
  params,
});

and tries to process the response the data uses this function to convert the response to an image data URL

export function convertBinaryToImage(rawPhoto) {
  return new Promise((resolve) => {
    if (rawPhoto?.byteLength > 0) {
      FileType.fromBuffer(rawPhoto).then((type) => {
        const blob = new Blob([rawPhoto], { type: type.mime });
        const reader = new FileReader();
        reader.readAsDataURL(blob);
        reader.onload = () => {
          return resolve(reader.result); // data url
        };
      });
    }
  });
}

However it cannot determine the file type, something seems to be getting corrupted along the way. Has anyone solved the problem of retrieving a private image from an S3 bucket and return that via API Gateway to be displayed on a web page? I feel like I’m missing some serverless configuration somewhere. I’ve tried setting response.contentHandling CONVERT_TO_TEXT and CONVERT_TO_BINARY but that didn’t seem to make any difference.

Hello I was implementing my first secure APIs and implemented a custom authorizer using Auth0. During the process, I realized there's a built-in JWT authorizer supported by HTTP API type (

httpApi

event type in sls), which I also didn't know. So, using

httpApi

I'm able to define the required

scopes

for my function. Is there a way to do something similar using the regular

http

event type and a custom authorizer? Also, what do you usually use in terms of AGW API type: REST or HTTP? I saw this page but would like to know about real experiences... Thanks

Hi! Upgrading from 0.7.3 to 0.8.0gives me errors when setting timeouts on functions. I set it like so: `timeout: cdk.Duration.seconds(240)`and get the following error:

===============
 Deploying app
===============

Preparing your SST app
Transpiling source
Linting source
Deploying stacks

Error: Argument to Intrinsic must be a plain value object, got () => {
      throw new Error('Duration.toString() was used, but .toSeconds, .toMinutes or .toDays should have been called instead');
    }
  at new Intrinsic (/Users/pal/dev/peasy/node_modules/@aws-cdk/core/lib/private/intrinsic.ts:39:13)
  at Function.asAny (/Users/pal/dev/peasy/node_modules/@aws-cdk/core/lib/token.ts:102:48)
  at Function.asString (/Users/pal/dev/peasy/node_modules/@aws-cdk/core/lib/token.ts:79:53)
  at Duration.toString (/Users/pal/dev/peasy/node_modules/@aws-cdk/core/lib/duration.ts:219:18)
  at new Duration (/Users/pal/dev/peasy/node_modules/@aws-cdk/core/lib/duration.ts:95:46)
  at Function.seconds (/Users/pal/dev/peasy/node_modules/@aws-cdk/core/lib/duration.ts:29:12)
  at new Function (/Users/pal/dev/peasy/node_modules/@serverless-stack/resources/src/Function.ts:127:31)
  at createFunction (/Users/pal/dev/peasy/lib/cdk-common.js:96:10)
  at new AnalysisStack (/Users/pal/dev/peasy/services/analysis/sst-stack.js:27:38)
  at Object.main (/Users/pal/dev/peasy/lib/index.js:11:3)

There was an error synthesizing your app.
error Command failed with exit code 1.

Downgrading to

0.7.3

fixes this

Hey! Thanks for creating the project! I've been using the cdk to deploy a Hasura backend, using this template: https://github.com/lineupninja/hasura-cdk I've been trying to migrate the current setup to the sst, and I'm facing a problem. Right now, I use a post-deploy script that picks up values from cdk.CfnOutput (cdk.outputs.json) -> https://github.com/lineupninja/hasura-cdk/blob/master/cdk/bin/post-deploy.ts I understand that the sst doesn't use a cdk.json file. Any suggestion of alternative ways of getting the data?

Hey everyone. I would like to know how you handle this kind of scenario: I have some external-provided sensitive data (e.g. Facebook client id and secret, or an API key for an external service) and wanna store it in secrets manager. The point is that I was unable to create a secret with a value by using CDK. For now, I created the secrets with the generated value and replaced the values manually after the creation, but didn't like that. So perhaps the way I'm trying to handle this case is wrong or doesn't make sense. Any ideas?

Hey! How to handle schema migrations with Aurora Serverless? Are there any tools or best practices for this?

Hi everyone! I'm running into some issues when trying to deploy my app with Seed. I'm getting this error message

Cloud assembly schema version mismatch: Maximum schema version supported is 7.0.0, but found 9.0.0

When building locally I noticed that the

manifest.json

version created has version 9.0.0, not sure if its related and how to fix it. Does anyone run into a similar issue? Thanks!

Hey! I'm trying to do

sst start

on a monorepo with the sample ts api example but getting an error. The debugger starts just fine, but as soon as I make an api request it fails.

Hi! What is the best way to develop? Deploy dynamodb or use dynmodb-local (https://www.npmjs.com/package/serverless-dynamodb-local) and why?

Hi! I’m running a Slack App using NodeJS, @Slack/Bolt, Serverless Stack, AWS-Lambda (like this: https://slack.dev/bolt-js/deployments/aws-lambda). I also need to build a website and want to use a pipeline ive used before, NodeJS, ReactJS, Gitlab CI > AWS-Amplify DynamoDB. The Website is where the “Add to Slack” button will live and (Slack/oAuth)some of the onboarding for Slack will happen so i want to capture data from the users, save it in DynamoDB then use it in the other Slack App i build. The question: whats the best architecture for this: Add the website code into the Slack/Bolt>Serverless>AWS-Lambda project or the other way around? Can i deploy the reactjs code along with the AWS-Lambda project through serverless? Many thanks for your guidance!

dont you need to specify the exported function name of your handler? like

handler: bin/admin.funcName

?

Hi team, I’m new with Serverless Stack and wondering how I should structure my project. Currently I have an Express API with models, controllers, and services. For the models I’m using Sequelize ORM, these models are used in different services. My question is about how should I reuse my models and services in my functions (controllers)? Should I create functions for every model and call them from my services? Should I create functions for every service and call them from my controllers? I’ll use AWS Lambda functions, NodeJS and MySQL An example, tutorial, blog… will be appreciated Thanks in advance

@Tom Hoad Did you try without the apostraphes? like

- !ImportValue ${self:custom.sstApp}-TableArn

Maybe I’m not used with batching, but if one message handling fails, the whole batch go back to the queue and is processed again later right?

So is it safer to only process one message at a time?

Quick question, is the entry point directory for SST stack configurable? Like change

/lib

to another name

/stacks

. Or is it strictly lib. Not a big deal, just wondering, I just tried deploying with another name and it's expecting

/lib

.

Hi all! How has it been your experience with cold start? It's my only headache

Hi all! Am I understanding correctly that anything that CDK can provide SST can do the same? CDK is releasing too fast, and I am curious if you are at their pace :)

so I want to be sure about the tradeoffs, right now I have no idea what value I should put for the messageGroupId

Hi! how can i do a s3 trigger with sst?

Is it possible to set up a custom domain on the SST Api construct?