serverless-aws-alias
serverless-aws-alias copied to clipboard
AWS::Lambda::Permission for SNS not working
Hi,
I'm trying to create an additional AWS::Lambda::Permission for invocation by SNS topics:
resources:
SNSPermission:
Type: AWS::Lambda::Permission
Properties:
FunctionName:
Ref: Route53Registration
Action: lambda:InvokeFunction
Principal: sns.amazonaws.com
SourceArn:
Fn::Join:
- ':'
-
- 'arn:aws:sns'
- Ref: 'AWS::Region'
- Ref: 'AWS::AccountId'
- '*'
But I get the following error:
Serverless: Updating alias stack...
Serverless: WARNING: Inappropriate call of provider.request()
Serverless Error ---------------------------------------
[/Resources/SNSPermission/DependsOn/0] 'null' values are not allowed in templates
Stack Trace --------------------------------------------
ServerlessError: [/Resources/SNSPermission/DependsOn/0] 'null' values are not allowed in templates
at BbPromise.fromCallback.catch.err (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:258:33)
From previous event:
at persistentRequest (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:247:13)
at doCall (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:205:9)
at BbPromise (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:216:14)
From previous event:
at persistentRequest (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:203:38)
at Object.request.requestQueue.add [as promiseGenerator] (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:237:49)
at Queue._dequeue (/usr/local/lib/node_modules/serverless/node_modules/promise-queue/lib/index.js:149:30)
at /usr/local/lib/node_modules/serverless/node_modules/promise-queue/lib/index.js:108:18
From previous event:
at Queue.add (/usr/local/lib/node_modules/serverless/node_modules/promise-queue/lib/index.js:93:16)
at AwsProvider.request (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:237:39)
at AwsAlias.updateAlias (/home/alfred/repos/oa/lambda-asg-sf/route53_registration/node_modules/serverless-aws-alias/lib/updateAliasStack.js:82:25)
at runCallback (timers.js:672:20)
at tryOnImmediate (timers.js:645:5)
at processImmediate [as _immediateCallback] (timers.js:617:5)
Get Support --------------------------------------------
Docs: docs.serverless.com
Bugs: github.com/serverless/serverless/issues
Forums: forum.serverless.com
Chat: gitter.im/serverless/serverless
Your Environment Information -----------------------------
OS: linux
Node Version: 6.11.4
Serverless Version: 1.25.0
This is the relevant part of the generated CloudFormation template:
"SNSPermission": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"FunctionName": {},
"Action": "lambda:InvokeFunction",
"Principal": "sns.amazonaws.com",
"SourceArn": {
"Fn::Join": [
":",
[
"arn:aws:sns",
{
"Ref": "AWS::Region"
},
{
"Ref": "AWS::AccountId"
},
"*",
"-dev"
]
]
}
},
"DependsOn": [
null,
null
]
}
There are three problems:
- The
FunctionName
property is set to an empty hash. - The
SourceArn
property is suffixed with-dev
. - The
DependsOn
attribute is an array of twonull
s.
Can you try with the version in master instead of the NPM version? Just use "serverless-aws-alias": "github:hyperbrain/serverless-aws-alias#master"
in your package.json.
There are some new fixes with SNS there.
I did that and the result is the same. I also tried to add "scripts": {"deploy": "serverless deploy"}
to package.json
and run npm run deploy
(to make sure the correct version of the plugin is loaded) but still the same result. Is there another way to verify that the correct version of the plugin is loaded?
Is the Route53Registration
function part of the project, or is it an external function reference?
It's the only function in this project, so no external reference.
Any update on this?
I think one problem here is that it tries to modify the source ARN and append the current alias (because any SNS topics deployed with serverless will also have the alias suffix). But in my case I have a pre-existing SNS topic that is shared by multiple lambda functions and I just want the lambda function that I'm deploy currently to invoked by that pre-existing SNS topic.
@devkid I think you're right. In case the topic arn is external there should be no addition of the alias name.
A way to fix this would be, to check if the source arns of the permission resources are external, and if one is, skip the alias extension. However the detection algorithm for external/internal has to be deterministic and reliable.
Closing since the project seems to be dead