Lambda S3 Event Source Custom Resource Missing Depends On #1501
Comments
|
We need to make it easier to add a dependency on an added policy. This comes up all the time. |
rix0rrr
added
pr/breaking-change
|
We should rethink how dependencies are modeled and added (#95). I think we might be able to take a dependency on any construct which will transitively mean that you will add a dependency to all resources in that scope. |
|
I would still prefer to do a more pin-pointed approach (depend on just the policy you added). But on the other hand, the way we arrange our policies today would effectively mean the same thing, since we lump all statements into the same policy anyway. |
eladb
added
@aws-cdk/aws-lambda
|
FYI - I just hit this bug again. I had a Lambda triggered directly from S3. I needed to move to S3->SNS->Lambda so I could have multiple things listening to this path. The worst part is I get no error and the event is not put on the s3 bucket. I think we might want to find a way to at least alert the user to this problem? |
|
This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
github-actions
bot
added
closing-soon
When you create an S3 Event source for a lambda function the customer resource is really an in line lambda. That inline lambda does not correctly apply a depends on for the role and policy that the lambda needs. If you update and delete the lambda or notification you can find your self in a 403 error scenario.
We need to properly set those depends on in order to support updating. To verify this problem I manually updated the CFN template with depends on after receiving multiple failures.
The text was updated successfully, but these errors were encountered: