Different issue to the above but looks like the `Script` I h Serverless Stack #help

Different issue to the above, but looks like the `...

Brinsley

02/01/2022, 11:30 AM

Different issue to the above, but looks like the

Script

I had configured for

OnCreate

can no longer call the function after updating it to also run for `onUpdate`:

Copy code

❌  uat-test-script-postDeploy failed: Received response status [FAILED] from custom resource. Message returned: AccessDeniedException: User: arn:aws:sts::XXXX:assumed-role/uat-test-script-postDeplo-databasemigrationsScript-ZR7JG0WQ7X78/uat-test-script-postDeplo-databasemigrationsScript-RNd8bebkFvd9 is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:eu-west-2:XXXX:function:uat-test-script-postDeplo-databasemigrationsonUpda-lYXmgfD7kvbZ because no identity-based policy allows the lambda:InvokeFunction action
    at Object.extractError (/var/runtime/node_modules/aws-sdk/lib/protocol/json.js:52:27)
    at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/protocol/rest_json.js:55:8)
    at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:688:14)
    at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:690:12) (RequestId: 8108ca79-2fa1-4df4-800f-6a8d94af4c82)

Any ideas here?

Jay

02/06/2022, 10:54 PM

Just checking if you are still having this issue.

Brinsley

02/07/2022, 10:01 AM

Yea, the project is currently sitting on the backburner while I was waiting for a response or Google turned up anything useful. Not seen many people trying to run db migrations in this manner so it might be I need to rethink my strategy a bit.

Jay

02/07/2022, 6:54 PM

Yeah let me pull @Frank in for this.

Frank

02/24/2022, 2:41 AM

Hey @Brinsley if you are still having this issue, can you go into your AWS IAM console and look for the IAM role from the log above

uat-test-script-postDeplo-databasemigrationsScript-ZR7JG0WQ7X78

Frank

02/24/2022, 2:42 AM

And see if you spot

lambda:InvokeFunction

in its policy.

Brinsley

02/24/2022, 8:35 AM

Hey @Frank this somehow managed to resolve itself. Though, I might’ve just deleted all resources and then forgotten. Have since been running a bunch of deployment to get the main logic of the lambda running and it hasn’t fallen over yet 🙂 only just clocked this.

Frank

02/27/2022, 9:20 AM

Ah glad it working!

3 Views

Open in Slack

Previous Next