EFS "does not have mount targets created in all availability zones the function will execute in" (but it does)

0

I'm getting this error

Resource handler returned message: "EFS file system arn:aws:elasticfilesystem:us-west-2:999999999999:file-system/fs-0389f6268bc5e61a8 referenced by access point arn:aws:elasticfilesystem:us-west-2:999999999999:access-point/fsap-0ee6de7a6069fda4a does not have mount targets created in all availability zones the function will execute in. Please create EFS mount targets in availability zones where the function has a corresponding subnet provided. (Service: Lambda, Status Code: 400, Request ID: 5c4b694a-ba28-4a9f-8e1a-f1fde134f398)" (RequestToken: 85c51e18-d780-d8df-44d2-54c1194cea9f, HandlerErrorCode: InvalidRequest)

But I don't understand, because clearly I have set up the 3 AZs. Here's my template in its entirety:

AWSTemplateFormatVersion: 2010-09-09
Description: >-
  pouchdb-sam-app

Transform:
- AWS::Serverless-2016-10-31

Parameters:
  FileSystemName:
    Type: String
    Default: TestFileSystem

Resources:

  MountTargetVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 172.31.0.0/16
      EnableDnsHostnames: True
      EnableDnsSupport: True      
 
  MountTargetSubnetOne:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 172.31.1.0/24
      VpcId: !Ref MountTargetVPC
      AvailabilityZone: !Sub "${AWS::Region}a"

  MountTargetSubnetTwo:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 172.31.2.0/24
      VpcId: !Ref MountTargetVPC
      AvailabilityZone: !Sub "${AWS::Region}b"

  MountTargetSubnetThree:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 172.31.3.0/24
      VpcId: !Ref MountTargetVPC
      AvailabilityZone: !Sub "${AWS::Region}c"
 
  FileSystemResource:
    Type: 'AWS::EFS::FileSystem'
    Properties:
      PerformanceMode: maxIO
      Encrypted: true
      FileSystemTags:
        - Key: Name
          Value: !Ref FileSystemName
      FileSystemPolicy:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Action:
              - "elasticfilesystem:ClientMount"
            Principal:
              AWS: "*"

  MountTargetResource1:
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref FileSystemResource
      SubnetId: !Ref MountTargetSubnetOne
      SecurityGroups:
      - !GetAtt MountTargetVPC.DefaultSecurityGroup

  MountTargetResource2:
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref FileSystemResource
      SubnetId: !Ref MountTargetSubnetTwo
      SecurityGroups:
      - !GetAtt MountTargetVPC.DefaultSecurityGroup

  MountTargetResource3:
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref FileSystemResource
      SubnetId: !Ref MountTargetSubnetThree
      SecurityGroups:
      - !GetAtt MountTargetVPC.DefaultSecurityGroup
 
  AccessPointResource:
    Type: 'AWS::EFS::AccessPoint'
    Properties:
      FileSystemId: !Ref FileSystemResource
      PosixUser:
        Uid: "1000"
        Gid: "1000"
      RootDirectory:
        CreationInfo:
          OwnerGid: "1000"
          OwnerUid: "1000"
          Permissions: "0777"
        Path: "/data"

  getAllItemsFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: src/handlers/get-all-items.getAllItemsHandler
      Runtime: nodejs16.x
      Architectures:
        - x86_64
      MemorySize: 128
      Timeout: 100
      Events:
        Api:
          Type: Api
          Properties:
            Path: /{proxy+}
            Method: ANY
      VpcConfig:
        SecurityGroupIds:
        - !GetAtt MountTargetVPC.DefaultSecurityGroup
        SubnetIds: [ !Ref MountTargetSubnetOne, !Ref MountTargetSubnetTwo, !Ref MountTargetSubnetThree ]
      FileSystemConfigs:
      - Arn: !GetAtt AccessPointResource.Arn
        LocalMountPath: "/mnt/data"
      Policies:
      - Statement:
        - Sid: AWSLambdaVPCAccessExecutionRole
          Effect: Allow
          Action:
            - logs:CreateLogGroup
            - logs:CreateLogStream
            - logs:PutLogEvents
            - ec2:CreateNetworkInterface
            - ec2:DescribeNetworkInterfaces
            - ec2:DeleteNetworkInterface
          Resource: "*"
        - Sid: AmazonElasticFileSystemClientFullAccess
          Effect: Allow
          Action:
            - elasticfilesystem:ClientMount
            - elasticfilesystem:ClientRootAccess
            - elasticfilesystem:ClientWrite
            - elasticfilesystem:DescribeMountTargets
          Resource: "*"

Outputs:
  WebEndpoint:
    Description: "API Gateway endpoint URL for Prod stage"
    Value: !Sub "https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/"
1 Answer
0

Fixed by adding DependsOn: [ MountTargetResource1, MountTargetResource2, MountTargetResource3 ] under getAllItemsFunction.

Alex1
answered a year ago
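
CloudFormation orders resource creation only by `Ref`/`GetAtt` references and explicit `DependsOn`; in the template above the function references the access point, but nothing references the mount targets, so the function can be created before they exist. The check below is an added example, not part of the original question or answer: it flags functions whose `DependsOn` omits a mount target of the file system they mount. It assumes the template is already parsed into a dict in JSON intrinsic form, and the names `logical_id`, `missing_mount_target_deps` and `sample_template` are hypothetical.

```python
# Added example (assumption: template is a parsed dict using JSON-form intrinsics).
LAMBDA_TYPES = ("AWS::Serverless::Function", "AWS::Lambda::Function")

def logical_id(value):
    """Return X for {"Ref": X} or {"Fn::GetAtt": [X, attr] / "X.attr"}, else None."""
    if not isinstance(value, dict):
        return None
    if "Ref" in value:
        return value["Ref"]
    target = value.get("Fn::GetAtt")
    if isinstance(target, str):
        return target.split(".")[0]
    return target[0] if isinstance(target, list) and target else None

def missing_mount_target_deps(template):
    """Map each function's logical ID to mount targets absent from its DependsOn."""
    resources = template["Resources"]
    findings = {}
    for name, res in resources.items():
        if res.get("Type") not in LAMBDA_TYPES:
            continue
        needed = set()
        for cfg in res.get("Properties", {}).get("FileSystemConfigs", []):
            ap = resources.get(logical_id(cfg.get("Arn")), {})
            fs = logical_id(ap.get("Properties", {}).get("FileSystemId"))
            if ap.get("Type") != "AWS::EFS::AccessPoint" or fs is None:
                continue
            needed |= {mt for mt, r in resources.items()
                       if r.get("Type") == "AWS::EFS::MountTarget"
                       and logical_id(r.get("Properties", {}).get("FileSystemId")) == fs}
        depends = res.get("DependsOn", [])
        declared = {depends} if isinstance(depends, str) else set(depends)
        if needed - declared:
            findings[name] = sorted(needed - declared)
    return findings

def sample_template(depends_on=None):
    """Constructed, reduced form of the template in the question."""
    fs = {"FileSystemId": {"Ref": "FileSystemResource"}}
    res = {f"MountTargetResource{i}": {"Type": "AWS::EFS::MountTarget", "Properties": fs}
           for i in (1, 2, 3)}
    res["FileSystemResource"] = {"Type": "AWS::EFS::FileSystem"}
    res["AccessPointResource"] = {"Type": "AWS::EFS::AccessPoint", "Properties": fs}
    res["getAllItemsFunction"] = {"Type": "AWS::Serverless::Function", "Properties": {
        "FileSystemConfigs": [{"Arn": {"Fn::GetAtt": ["AccessPointResource", "Arn"]}}]}}
    if depends_on is not None:
        res["getAllItemsFunction"]["DependsOn"] = depends_on
    return {"Resources": res}
```

Calling `missing_mount_target_deps(sample_template())` reports all three mount targets for `getAllItemsFunction`; passing the `DependsOn` list from the answer returns an empty result.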
