Home > database >  how to solve Circular dependency between resources: [s3bucketvideo, S3InvokeLambdaPermission]
how to solve Circular dependency between resources: [s3bucketvideo, S3InvokeLambdaPermission]

Time:12-07

Thanks in advance. I am trying to create s3 bucket and lambda function. Goal is to execute lambda function as we upload anything on an s3 bucket. I have tried different methods but doesn't seem to work. Any help is appreciated.

Resources:
s3bucketvideo:
    Type: AWS::S3::Bucket
    DependsOn: S3InvokeLambdaPermission
    Properties:
        BucketName: s3bucketvideo
        NotificationConfiguration:
            LambdaConfigurations:
              - Event: 's3:ObjectCreated:*'
                Function: !GetAtt VideoToImageLambda.Arn
        
S3InvokeLambdaPermission:
    Type: AWS::Lambda::Permission
    Properties:
        Action: lambda:InvokeFunction
        FunctionName: !Ref VideoToImageLambda
        Principal: s3.amazonaws.com
        SourceArn: !GetAtt s3bucketvideo.Arn
    
cflambdarole:
    Type: AWS::IAM::Role
    Properties: 
        RoleName: cflambdarole
        AssumeRolePolicyDocument:
            Statement:
              - Effect: Allow
                Principal:
                  Service: lambda.amazonaws.com
                Action: sts:AssumeRole
        ManagedPolicyArns:
            - arn:aws:iam::aws:policy/AWSLambda_FullAccess
            - arn:aws:iam::aws:policy/AWSLambdaExecute
            - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

VideoToImageLambda:
    Type: AWS::Lambda::Function
    Properties:
        FunctionName: VideoToImageLambda
        Timeout: 120
        Role:
            Fn::GetAtt:
                - cflambdarole
                - Arn
        Runtime: python3.9
        Handler: script.hprint
        Code:
            S3Bucket: s3-neuralopsdev
            S3Key: script.zip

  

CodePudding user response:

One quick solution is to use SourceAccount instead of SourceArn in the permission:

SourceAccount: !Ref 'AWS::AccountId'

After you create the stack, you can also add SourceArn and do an update.

This is also discussed here.

CodePudding user response:

Just an update. I created the stack without bucket notification and then updated the stack with bucket notification for a quick solution. It did the trick.

  • Related