Reputation: 532
Permission issue when deploying Serverless Python app
I have a Serverless Python app and I am trying to deploy it using sls deploy. The serverless.yml is as follows.
service: update-register
provider:
name: aws
runtime: python3.8
profile: haumi
stage: ${opt:stage, 'staging'}
environment: ${file(environment.yml):${self:provider.stage}}
region: ${self:provider.environment.REGION}
iamRoleStatements:
# para poder leer y escribir en el bucket
- Effect: "Allow"
Action:
- "sqs:SendMessage"
Resource: "*"
functions:
update:
handler: handler.update
events:
- sqs: ${self:provider.environment.AWS_SQS_QUEUE}
The handler file is like this:
def update(event, context):
print("=== event: ", event)
However when I try to deploy and trigger the update function the following error appears in AWS Cloudwatch
[ERROR] PermissionError: [Errno 13] Permission denied: '/var/task/handler.py'
Traceback (most recent call last):
File "/var/lang/lib/python3.8/imp.py", line 300, in find_module
with open(file_path, 'rb') as file:
I tried changing the permissions of this file but I can't. Any ideas?
Upvotes: 2
Views: 1137
Answers (2)
Reputation: 497
Another cause for the exact same error:
[ERROR] PermissionError: [Errno 13] Permission denied: '/var/task/<my_lambda_python_file>.py'
Traceback (most recent call last):
File "/var/lang/lib/python3.8/imp.py", line 300, in find_module
with open(file_path, 'rb') as file:
I was deploying the Lambda using Atlassian Bamboo, and Bamboo seemed to be messing with the permissions of the files that make up the lambda:
-rw-r-----@ 1 <user> <group> 2.5K 19 Nov 18:10 <my_lambda_python_file>.py
I worked around this problem by adding to the Bamboo script:
chmod 755 <my_lambda_python_file>.py
just before bundling the code into a zip file.
Upvotes: 0
Reputation: 532
This issue had nothing to do with Serverless but with the permissions of my mounted NTFS partition in Ubuntu 18.04.
tl;dr Change /etc/fstab to of the mounted partition to
UUID=8646486646485957 /home/Data ntfs defaults,auto,umask=002,uid=1000,gid=1000 0 0
Use id -u to get the uid and gid.
The long explanation
What I found out is that in an NTFS partition you cannot just change a file permissions with chmod. You require to configure the mask while mounting the partition. Since I mount the partition upon booting Ubuntu, the required change was in my fstab file. The umask parameter determines which permissions cannot be set. You can find more information about this parameter here.
After you do this reboot. You will find that the files have a different permission. In my case the permissions that allowed my deployed code to work were
-rwxrwxr-x 1 user group 59 jul 24 00:47 handler.py*
I am sure there are issues by allowing others to execute the file. But this solved the issue.
Upvotes: 2
Related Questions
- AWS Lambda Serverless deploy asking for AWS provider credentials
- Execution failed due to configuration error: Invalid permissions on Lambda function
- Error deploying Python package to AWS lambda using Serverless framework
- How do I solve the deploy serverless error : The provided access key is not authorized for this operation?
- Permission required for the server less deploy command
- AWS lambda problem with deployment - not enough permissions
- Serverless Deployment not working (Python, Lambda)
- Policy malformed when deploying serverless application
- Permissions for Lambda invocation conflicts with API Gateway permissions
- Lambda Function Serverless permission