Snipper03

Reputation: 1524

Allow lambda to access particular s3 bucket in serverless config

How can I allow a specific Lambda to access a particular S3 bucket in serverless.yml?

For example, I am porting file upload functionality to Lambda using Serverless. To upload a file to a particular S3 bucket, I need to allow the Lambda to access that S3 bucket. How can I do this in serverless.yml?

Upvotes: 10

Views: 9944

Answers (1)

John Rotenstein

Reputation: 269284

From Serverless Framework - AWS Lambda Guide - IAM:

To add specific rights to this service-wide Role, define statements in provider.iamRoleStatements which will be merged into the generated policy.

service: new-service
 
provider:
  name: aws
  iam:
    role:
      statements:
        - Effect: 'Allow'
          Action:
            - 's3:ListBucket'
          Resource:
            Fn::Join:
              - ''
              - - 'arn:aws:s3:::'
                - Ref: ServerlessDeploymentBucket
        - Effect: 'Allow'
          Action:
            - 's3:PutObject'
          Resource:
            Fn::Join:
              - ''
              - - 'arn:aws:s3:::'
                - Ref: ServerlessDeploymentBucket
                - '/*'

Upvotes: 21
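
The statements in the answer above are merged into the service-wide role and point at the deployment bucket. As an added example (not part of the answer or of the Serverless documentation), the configuration below gives one function its own role limited to writing objects into one named bucket. The bucket name `uploads-example-bucket`, the function name `upload`, its handler and the role's logical ID `UploadFunctionRole` are placeholders, and the bucket is assumed to exist already.

```yaml
# Added example (constructed): uploads-example-bucket, upload, handler.upload
# and UploadFunctionRole are placeholders, not values from the page.
service: new-service

provider:
  name: aws

functions:
  upload:
    handler: handler.upload
    # Reference a dedicated role by its logical ID so that only this function,
    # not every function in the service, can write to the bucket.
    role: UploadFunctionRole

resources:
  Resources:
    UploadFunctionRole:
      Type: AWS::IAM::Role
      Properties:
        AssumeRolePolicyDocument:
          Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Principal:
                Service: lambda.amazonaws.com
              Action: sts:AssumeRole
        ManagedPolicyArns:
          # A custom role replaces the generated one, so CloudWatch Logs
          # permissions have to be granted explicitly.
          - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
        Policies:
          - PolicyName: upload-to-one-bucket
            PolicyDocument:
              Version: '2012-10-17'
              Statement:
                - Effect: Allow
                  Action:
                    - s3:PutObject
                  # Object-level actions match the object ARN (bucket/*),
                  # not the bare bucket ARN.
                  Resource: arn:aws:s3:::uploads-example-bucket/*
```

Functions without a `role` key keep the service-wide role, so any statements under `provider.iam.role.statements` still apply to them but not to `upload`.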
