Reputation: 3330
Error publishing ASP.NET Core Web API to AWS Serverless Lambda: 'AWSLambdaFullAccess' at 'policyArn' ... Member must have length greater than
For over a year I have been able to publish a ASP.NET Core Web API application using Visual Studio 2019 by selecting "Publish to AWS Lambda..." without incident (via a right click on the project). Until yesterday. Now it consistently fails to publish and rolls back.
The following two reasons are given as to why it has failed.
1 validation error detected: Value 'AWSLambdaFullAccess' at 'policyArn' failed to satisfy constraint: Member must have length greater than or equal to 20 (Service: AmazonIdentityManagement; Status Code: 400; Error Code: ValidationError; Request ID: ...; Proxy: null)
The following resource(s) failed to create: [AspNetCoreFunctionRole, Bucket]. Rollback requested by user.
I have looked at AWSLambdaFullAccess and AWSLambda_FullAccess and the other things and just have no model to follow or even know what it is referring to in any sense where I can imagine a fruitful path to proceed. What exactly is the "Member" it is referring to? Extensive research has yielded nothing of use.
I want to successfully publish my Web API. What can I look into to proceed?
Upvotes: 7
Views: 2329
Answers (2)
Reputation: 454
This may not be the correct or ideal solution, I tried this approach and it worked
Step 1:
Changed the Access from "AWSLambdaFullAccess" to "AWSLambda_FullAccess" in serverless.template
"Resources": {
"AspNetCoreFunction": {
"Type": "AWS::Serverless::Function",
"Properties": {
"Handler": "SampleAPI::SampleAPI.LambdaEntryPoint::FunctionHandlerAsync",
"Runtime": "dotnetcore3.1",
"CodeUri": "",
"MemorySize": 256,
"Timeout": 30,
"Role": null,
"Policies": [
"AWSLambda_FullAccess"
],
"Environment": {
"Variables": {
"AppS3Bucket": {
Lambda publishing was successful after this step.
Step 2:
Then I faced an issue in accessing the DynamoDb table. I went to IAM role added the DynamoDb Execution role. (Previously I don't remember adding this role explicitly)
Upvotes: 14
Reputation: 996
According to https://docs.aws.amazon.com/lambda/latest/dg/access-control-identity-based.html the AWSLambdaFullAccess policy has just been deprecated and as a result my stack which I tried to update was stuck in UPDATE_ROLLBACK_FAILED.
To fix this I had to take the following steps:
- Manually continue the rollback of the stack from the CloudFormation page and ensuring that I was skipping the role which was referencing
AWSLambdaFullAccess. - Change my
AWSLambdaFullAccessreference toAWSLambda_FullAccessin the CloudFormation template - Update the stack using my newly updated CloudFormation template
Hope this is able to help someone!
Upvotes: 9
Related Questions
- AWS Serverless Application Publish via Visual Studio
- The API with ID does not include a resource with path /* having an integration LAMBDA on the ANY method
- Deploying to AWS Lambda in VS2019 with API Gateway gives {"message":"Internal Server Error"}
- Policy malformed when deploying serverless application
- Cannot deploy a self-contained .NET Core 3.0 application to AWS Lambda
- Deploying AWS Serverless lambda Application with AmazonServerlessApplicationRepositoryClient does not work?
- Set AWS Authorizer entry for ASP.NET Core lambda function serverless.template file
- AWS Lambda - Building serverless API using .NET Core
- VS 2017 AWS Lamda Publish error Max version supported by netcoreapp1.0 is 1.6.0
- Unable To Publish To AWS Lambda From Visual Studio 2017