Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Event Type S3 doesn't support name reference #206

Closed
solivaf opened this issue Nov 29, 2017 · 7 comments
Closed

Event Type S3 doesn't support name reference #206

solivaf opened this issue Nov 29, 2017 · 7 comments

Comments

@solivaf
Copy link

solivaf commented Nov 29, 2017

Hi all,

I am trying to use Event Source S3 Type with Bucket property value as name and not a reference, but I receive an error from SAM

Failed to create the changeset: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state Status: FAILED. Reason: Transform AWS::Serverless-2016-10-31 failed with: Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [FooFunction] is invalid. Event with id [EntryFileCreated] is invalid. S3 events must reference an S3 bucket in the same template.

My template.yaml is below.

AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  FooFunction:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: EntryFile
      Policies:
        - AmazonS3FullAccess
        - AmazonDynamoDBFullAccess
      Handler: entry.lambda_handler
      Runtime: python3.6
      Events:
        EntryFileCreated:
          Type: S3
          Properties:
            Bucket: foo-bucket
            Events: s3:ObjectCreated:*
            Filter:
              S3Key:
                Rules:
                  - Name: prefix
                    Value: entry/

BTW, if I use a Reference (as you can see below) , SAM tries to create a new resource instead of use one that already exists.

AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  FooFunction:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: EntryFile
      Policies:
        - AmazonS3FullAccess
        - AmazonDynamoDBFullAccess
      Handler: entry.lambda_handler
      Runtime: python3.6
      Events:
        EntryFileCreated:
          Type: S3
          Properties:
            Bucket: !Ref Bucket
            Events: s3:ObjectCreated:*
            Filter:
              S3Key:
                Rules:
                  - Name: prefix
                    Value: entry/
    Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: "foo-bucket"

If I use the model above, I receive the error below from CloudFormation.

The following resource(s) failed to create: [Bucket]. . Rollback requested by user. foo-bucket already exists.

I am not sure if I am mistaken or something but it seems a bug.
@iph
Copy link

iph commented Dec 2, 2017

I think in this case, we got a sucky case of CloudFormation does not support adoption of resources like that.

If foo-bucket already exists (which it does), then you need to create a different name for the bucket in order for it to work. If this bucket is important, you may want to open a feature request with SAM: https://github.com/awslabs/serverless-application-model and ask for s3 bucket referencing outside of the cloudformation template. My guess is it is some sort of intrinsic-y goodness that would hold back that feature, but that's just my guess.

@jfuss
Copy link
Contributor

jfuss commented Dec 2, 2017

@iph and @solivaf Unfortunately, we need CloudFormation to allow adoption of existing resources. SAM is pretty helpless in this area since SAM is built on top of CloudFormation. Once CloudFormation allows this adoption, SAM will support it (hopefully at launch). There is some more information here.

There was one workaround suggested in that issue, if creating a new bucket through CloudFormation is not an option (as @iph suggested): "Faced this limitation recently and workaround it with combination of S3->SNS and SAM<-SNS. Works pretty good and completely automated." - @sanyer

@programmieramt
Copy link

I have the same problem I want to use our cloudtrail Logging bucket to access with my SAM application.
Are there any news on that issue?

@hardingmatt
Copy link

+1

I would also really like this feature. My use case is:

Unfortunately, the easiest workaround is:

  1. Use the Serverless Application Repository to create a new bucket with image re-scaling
  2. Change my API to write to both locations, and migrate all old images
  3. Change my API to read from new bucket
  4. Delete old bucket

Links:

@hardingmatt hardingmatt mentioned this issue Apr 4, 2018
Closed
@sanathkr
Copy link
Contributor

sanathkr commented Jun 1, 2018

This is a SAM repository feature request and not a SAM CLI one. I would encourage you to add the request to https://github.com/awslabs/serverless-application-model if one is not already available.

Closing this

@sanathkr sanathkr closed this as completed Jun 1, 2018
@kylegordon
Copy link

This appears to be already raised as an issue at aws/serverless-application-model#124

@rezabekf rezabekf mentioned this issue Jun 8, 2020
Merged
@allanchua101
Copy link

This validation rule is a bit disappointing because IAC best practices encourages layered provisioning of resources. Provisioning of stateful resources would be awesome if they are protected inside their own stack and not merged with disposable/transient infrastructure like (EC2, lambdas, etcs)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@kylegordon @iph @hardingmatt @solivaf @programmieramt @sanathkr @allanchua101 @jfuss