@Frank After updating from v0.58.0 straight to v0.59.4 I had similar issues to @Michael Wolfenden that you said will have a "helping hand included": https://serverless-stack.slack.com/archives/C01JVDJQU2C/p1642148371000200?thread_ts=1642130318.050400&cid=C01JVDJQU2C Follow up in the thread for readability

How can I create CustomResource in SST framework. Here is what I am trying to achieve. CustomResource creation will trigger lambda. That lambda looks up db and create the NextJsWebsite (of cource by cloning the somegit repo)

// In the stack

new CustomeResource(function: sst.Function);

// In the lambda

const handler = (event) => {
  if (event.RequestType === 'create') {
    // do something like, get websites metadata from db and for each websites deploy.
    new NextJsWebsite(); // sst resource
  }
}

General question regarding your lambda file structures. I come from Java monolith background (still struggling to forget the experience 😅), with clear separation of Controllers, Services and DAOs that I tried to kinda adopt as preparation to add some extra TSOA OpenAPI generators post-deployment. Thing is, resulting functions tend to bloat to weird sizes, including more supporting functions and libs than necessary... Simply moving my TS code for handler and companion service functions to a separate file results in roughly x50 smaller bundles post minification. Do I really need to keep each function as a separate file or may I have misconfigured something? 🤕

Having troubles updating SST to the latest... when trying to deploy I get export cannot be deleted as it is in use. I did not actually delete it all I did was update the CDK basically. Anyone know what to do for this? Specifically my lambda authorizer right now. Old:

const createAuthorizer = (app: cdk.Construct, role: string, resourceHelper: ResourceHelper, props?: Partial<HttpLambdaAuthorizerProps>) => {
	return new HttpLambdaAuthorizer({
		...props,
		responseTypes: [HttpLambdaResponseType.SIMPLE],
		authorizerName: role.toLowerCase(),
		handler: new sst.Function(app, `${role[0].toUpperCase() + role.substring(1).toLowerCase()}Authorizer`, {
			handler: 'src/functions/authorizer/index.handler',
			...resourceHelper.getResources(['Dynamo'], {
				environment: { AUTH_ROLE: role.toUpperCase() },
				permissions: []
			})
		})
	})
}

New:

const createAuthorizer = (app: Construct, role: string, resourceHelper: ResourceHelper, props?: Partial<HttpLambdaAuthorizerProps>) => {
	const authorizer = new sst.Function(app, `${role[0].toUpperCase() + role.substring(1).toLowerCase()}Authorizer`, {
		handler: 'src/functions/authorizer/index.handler',
		...resourceHelper.getResources(['Dynamo'], {
			environment: { AUTH_ROLE: role.toUpperCase() },
			permissions: []
		})
	})

	return new HttpLambdaAuthorizer(`${role[0].toUpperCase() + role.substring(1).toLowerCase()}Authorizer`, authorizer, {
		...props,
		responseTypes: [HttpLambdaResponseType.SIMPLE],
		authorizerName: role.toLowerCase()
	})
}

With no code changes and making sure the bundle format is set to cjs I get error saying:

Error [ERR_UNSUPPORTED_ESM_URL_SCHEME]: Only file and data URLs are supported by the default ESM loader. On Windows, absolute paths must be valid file:// URLs. Received protocol 'c:'

Anyone know how to resolve this?

Hi everyone, I am currently experimenting with transitioning a project from serverless -> serverless stack, what would you suggest as the best documentation or point of reference to guide me through that process. Thank you in advance 🙌

is there an SST permission shortcut like

['*', 'grantInvoke']

? or do we have to use the

iam.PolicyStatement

?

does anyone know how to configure logging configurations for an s3 bucket in the sst.Bucket instance in SST ?

Can anyone guide me on how to configure a securityGroup resource that is going to be used for vpc ?

hey folks, in a scenario where I have a SST back-end with a React front-end, using Cognito and amplify for auth with OTP 2FA, if the user lost their device, how the user can self-serve and reset OTP? @Frank @thdxr thanks in advance

hey all - So i think my issues are because my AWS account is quite new. And looks like Im triggering amazon. They are sorting it out for me. Quick question on the stacks. If i remove something from stacks out of index.js - does it automatically rollback from AWS or would that be a manual thing? If its manual how would you rollback stack items? I would assume it would be a rollback, update the stack then re-release?

Is there any way to rename a SNS topic without having to redeploy everything 😂

Having an issue after upgrading SST, not sure which update did it but it looks like I need to now specify the

table.dynamodbTable

to use specific table permissions. so like this

permissions: [[userTable.dynamodbTable, 'grantReadData']],

instead of

permissions: [[userTable, 'grantReadData']],

Looks like something around here, https://github.com/serverless-stack/serverless-stack/blob/master/packages/resources/src/util/permission.ts#L221 or here https://github.com/serverless-stack/serverless-stack/blob/master/packages/resources/src/Construct.ts#L60. Maybe this got messed up with the update to the latest CDK?

Is there a cleaner way to do apigateway.AwsIntegration in SST? This works, but I'm wondering if there's a better way, leveraging SST.

import * as sst from "@serverless-stack/resources";
import { RemovalPolicy, Aws } from "aws-cdk-lib";
import * as apigateway from 'aws-cdk-lib/aws-apigateway';
import * as iam from 'aws-cdk-lib/aws-iam';

export default class PublicBlogStack extends sst.Stack {
  constructor(scope, id, props) {
    super(scope, id, props);

    const { table } = props;

    const apiRole = new iam.Role(this, 'ApiRole', {
      assumedBy: new iam.ServicePrincipal('<http://apigateway.amazonaws.com|apigateway.amazonaws.com>'),
    });

    apiRole.addToPolicy(new iam.PolicyStatement({
      effect: iam.Effect.ALLOW,
      resources: [`arn:aws:dynamodb:${Aws.REGION}:${Aws.ACCOUNT_ID}:table/${table.tableName}`],
      actions: ["dynamodb:Scan"]
    }))

    const api = new apigateway.RestApi(this, 'ServerlessNotesApi', {});

    const notesListIntegration = new apigateway.AwsIntegration({
      service: 'dynamodb',
      action: 'Scan',
      options: {
        credentialsRole: apiRole,
        requestTemplates: { 'application/json': `{"TableName": "${table.tableName}"}`, },
        integrationResponses: [
          {
            statusCode: '200',
            responseTemplates: {
              'application/json': `#set($inputRoot = $input.path('$'))
              {
                "notes": [
                  #foreach($elem in $inputRoot.Items) {
                      "noteId": "$elem.noteId.S",
                      "content": "$elem.content.S"
                  }#if($foreach.hasNext),#end
                  #end
                ]
              }`,
            },
          },
        ],
      },
    });

    api.root.addMethod('GET', notesListIntegration, { methodResponses: [{ statusCode: '200' }] });
  }
}

Hey all, another issue after upadting and we are kinda stuck here. It seems that non of the environmental variables are making it into our local dev. Whether its something like this

app.setDefaultFunctionProps({
    // environment: {
    //   NODE_OPTIONS: '--enable-source-maps',
    // },

or this for an Api

environment: {
          USER_TABLE_NAME: userTable.tableName,
          CACHE_TABLE_NAME: cacheTable.tableName,
        },

They always seem to be missing... Any ideas?

We have created an infrastructure using SST. In the same we need to create a dynamic stack from a lambda function. Can you point us to some relevant examples on the same?

Hello! Just updated to Version 60.2, and followed the 59.0 release instructions to update my application, and I seem to be getting an error. Any ideas?? I can't run anything. Thanks

hey folks, just to get your opinion if you were to start a graphql api using SST, what would be the natural choice? Use AppSync or Apollo?

I wonder what SST constructs I should use for our ReactSite to be notified of an update in a dynamodb entry? We are not using GraphQL so subscriptions aren’t a possibility here. Our workflow is quite simple: • POST api/notes (saves a note to the Table) • We then upload an image cover to the note • The upload triggers a lambda on S3 • The lambda updates the “status” of the note we created above • This status change should update on the front end the status field Multiple “partial” solutions that come to mind: • Websocket API - but it feels overkill • Using the lambda to trigger the event - feels redundant because we will anyway update the DynamoDB • Maybe Topic but I’m not sure how easy it is to add this to ReactSite (I see there is an example in the Docs for that - but there isn’t the frontend part of it) • Dynamo Stream seem to to be able to “trigger the event” Any ideas?

https://developer.mozilla.org/en-US/docs/Web/API/Push_API would this browser api help?

This may be a really dumb question, but: Where does one set the new

bundle.format

option?

does anyone know what may be causing this issue?

Hi, I’m having issues getting

sst-deploy

to run on our gitlab CI/CD, with the step continually failing with the following:

There was a problem installing nodeModules.
Error: Command failed: yarn install
  ...
There was an error synthesizing your app.

Full output in the thread

Hi everyone. I’m trying to use the incremental deploys with seed but it doesn’t work. I tried without any specific config and after I tried with “Incremental Lambda Deploys” that use a serverless-plugin. I’m receiving the message:

INFO: Incremental deploy failed. Falling back to full deploy...
INFO: Incremental deploy not enabled.

Every deploy that I do takes more than 10 min. We have more than 10 microservices waiting to use seed, because our deploys is very slow these days. We use serverless-webpack with TypeScript. The message doesn’t contains the cause and in the dashboard I didn’t find an option or a place to configure incremental deploys.

SST is being really verbose again for some reason 😕 I made one change to one function (

retryAttempts: 0

) and it decided to update nearly every single Lambda function in all stacks.

I’m trying to allow my cognito user to subscribe to IoT mqtt websocket. The connection keeps closing and I have this permissions:

this.auth.attachPermissionsForAuthUsers([
      api,
      'iot:*',
      // 'iot:Connect',
      // 'iot:Subscribe',
      // 'iot:Receive',
      new iam.PolicyStatement({
        actions: ['s3:*'],
        effect: iam.Effect.ALLOW,
        resources: [
          `${uploadsBucket.bucketArn}/private/\${<http://cognito-identity.amazonaws.com:sub|cognito-identity.amazonaws.com:sub>}/*`,
        ],
      }),
    ]);

Am I missing something here?

Anyone know how to implement top-level await in AWS Lambda when using

sst.function

? Seems like there are only two options: 1. add

"type": "module",

to

package.json

which don’t think works since we only have a single package.json for all out lambdas 2. save the file as extension

*.cjs

do we have access to this with

sst.Function

?

solved I was getting an obscure Access Denied 403 Error for uploading to an S3 bucket. You can see what mistake I made in the thread. I’ve updated this post so that there’s search-ability in the future.

Was going through the notes app guide.. got about half way through it.. ran into an issues with the adding auth section.. as you cant use the @aws-cdk/aws-iam package with cdk v2 .. found a fix for that.. but along the way something happened, now i am getting an error:

Stack mattdev-notes-debug-stack
Status: failed
Error: The mattdev--notes-debug-stack stack contains no resources.

Even with a freshly initialized repo

Hey @Harris Newsteder, do you have the

esm

flag enabled for your functions? (cc @thdxr)