【发布时间】:2021-06-08 18:32:51
【问题描述】:
我正在使用无服务器设置一个 Lambda 函数,该函数在将对象上传到 S3 存储桶时触发。我希望 Lambda 函数将上传的文件从 S3 下载到 EFS。当我尝试部署以下severless.yml 文件时,出现错误:Function "cfnTrigger": when using fileSystemConfig, ensure that function has vpc configured on function or provider level。
我尝试在全局和模板的 Lambda 函数部分中定义 Vpc,但都产生相同的错误。此外,我在Vpc 中列出的实际安全组代表分配给 EFS 资源和它所附加的 EC2 实例的一组安全组。这两个资源也在我在模板中列出的同一个子网中。
有什么想法吗?
serverless.yml:
service: cfn-trigger-test
frameworkVersion: '2'
provider:
name: aws
runtime: python3.8
stage: dev
region: us-west-2
vpc:
securityGroupIds:
- sg-XXXXXXXXXX
- sg-XXXXXXXXXX
- sg-XXXXXXXXXX
subnetdIds:
- subnet-XXXXXXXX
functions:
cfnTrigger:
handler: handler.download_files_to_efs
description: Lambda to download S3 file to EFS folder.
events:
- s3:
bucket: cfn-trigger-test
event: s3:ObjectCreated:*
existing: true
fileSystemConfig:
localMountPath: /mnt/efs
arn: arn:aws:elasticfilesystem:us-west-2:XXXXXXX:access-point/fsap-XXXXX
iamRoleStatements:
- Effect: "Allow"
Action:
- states:*
Resource: "*"
- Effect: Allow
Action:
- elasticfilesystem:ClientMount
- elasticfilesystem:ClientWrite
- elasticfilesystem:ClientRootAccess
Resource:
- arn:aws:elasticfilesystem:us-west-2:XXXXXXXX:file-system/fs-XXXXXX
plugins:
- serverless-step-functions
- serverless-iam-roles-per-function
package:
individually: true
exclude:
- '**/*'
include:
- handler.py
【问题讨论】:
-
forum.serverless.com/t/lambda-deploy-into-vpc/5829/6。是“vpc”下的拼写错误“subnetdIds”吗?
-
是的,原来是这个问题!
标签: amazon-web-services amazon-s3 aws-lambda serverless-framework amazon-efs