Serverless deployement giving access denied and forbidden on writing and reading an s3 bucket respectively

0

I have an api which takes a file from user and uploads it to s3. I am using my IAM access and secret to configure the s3 client. I have turned off all public access in my bucket and am using default permissions. In my local machine, I am able to read and write objects in the bucket successfully but when I am deploying it to a lambda using serverless, and checking the api it is giving error access denied for writing and Forbidden: null for reading. I have checked my environment variables and they seem correct. I don't understand why it is not working on Serverless if it is working locally.

1 個回答
1

Hi,

When running in Lambda, you don't want to use env var for access keys and secret keys: it is a bad practice.

You rather want to use the Lambda execution role and grant it the service credentials needed by your use case: https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html

This article explains very well how to use the execution role: https://medium.com/aws-lambda-serverless-developer-guide-with-hands/aws-lambda-permissions-execution-role-and-resource-based-policies-be2e325998fc

Best,

Didier

profile pictureAWS
專家
已回答 2 個月前
profile picture
專家
已審閱 2 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南