Serverless deployement giving access denied and forbidden on writing and reading an s3 bucket respectively

0

I have an api which takes a file from user and uploads it to s3. I am using my IAM access and secret to configure the s3 client. I have turned off all public access in my bucket and am using default permissions. In my local machine, I am able to read and write objects in the bucket successfully but when I am deploying it to a lambda using serverless, and checking the api it is giving error access denied for writing and Forbidden: null for reading. I have checked my environment variables and they seem correct. I don't understand why it is not working on Serverless if it is working locally.

1 réponse
1

Hi,

When running in Lambda, you don't want to use env var for access keys and secret keys: it is a bad practice.

You rather want to use the Lambda execution role and grant it the service credentials needed by your use case: https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html

This article explains very well how to use the execution role: https://medium.com/aws-lambda-serverless-developer-guide-with-hands/aws-lambda-permissions-execution-role-and-resource-based-policies-be2e325998fc

Best,

Didier

profile pictureAWS
EXPERT
répondu il y a 2 mois
profile picture
EXPERT
vérifié il y a 2 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions