aws-samples / aws-serverless-workshop-innovator-island

Welcome to the Innovator Island serverless workshop! This repo contains all the instructions and code you need to complete the workshop.
MIT No Attribution

Photo Compositing Lambda Function Fails With "Access Denied" Error #62

Closed ykkarra closed 3 years ago

ykkarra commented 3 years ago

Describe the bug Lambda function theme-park-photos-CompositeFunction-XXXXXXXXX in "Section 3 - On-Ride photo processing" fails with an Access Denied error while processing a photo that is uploaded into the "upload" S3 bucket.

Link to workshop URL https://www.eventbox.dev/published/lesson/innovator-island/3-photos/2-backend/2-compositing.html

To Reproduce Steps to reproduce the behavior:

  1. Complete the steps detailed in the link here - https://www.eventbox.dev/published/lesson/innovator-island/3-photos/2-backend/2-compositing.html
  2. Check the CloudWatch logs for the Lambda function - "theme-park-photos-CompositeFunction-XXXXXXXXX"

Expected behavior The photo uploaded to the "upload" S3 bucket should be processed by the Lambda function and saved to the "final" S3 bucket.


wbenhallam commented 3 years ago

I had the same issue. Removing the "ACL: 'public-read'" property from the outParams in app.js fixed it for me. This means that your S3 block public access settings at the account level are activated. So the quick fix is to disable block public access settings for the account.

jbesw commented 3 years ago

Hello! You must use an AWS account that allows public access to objects in S3 buckets. If you are using a restricted account, the "ACL: public-read" attribute throws an error as described.

If you remove the "ACL: public-read" attribute in the Lambda code, while this removes the error, it also breaks the functionality in the frontend, since it can no longer access the image over a public https endpoint. I recommend that you don't change the code used in the workshop to ensure you have a consistent experience in later sections and modules.

Please ensure that the AWS account you use is unrestricted - the easiest way to do this is to create a personal account where you have admin rights. I hope this helps, but if you run into any questions, please email me at jbeswick@amazon.com.
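
The outcomes discussed in this thread can be predicted from the S3 Block Public Access settings before running the upload. The following is an added example, not code from the workshop or from any commenter; `effectiveBlock`, `diagnosePut` and the sample bucket and key are hypothetical names, and it assumes the bucket still allows ACLs and has no bucket policy granting public read.

```javascript
// Added example: predicts what happens to a PutObject call that carries a
// canned ACL, given Block Public Access settings. The settings objects use
// the field names of S3's PublicAccessBlockConfiguration.
// Canned ACLs that S3 treats as public (grant to AllUsers or AuthenticatedUsers).
const PUBLIC_CANNED_ACLS = new Set(['public-read', 'public-read-write', 'authenticated-read']);

// S3 applies the most restrictive combination of account and bucket settings.
function effectiveBlock(accountCfg = {}, bucketCfg = {}) {
  const eff = {};
  for (const key of ['BlockPublicAcls', 'IgnorePublicAcls']) {
    eff[key] = Boolean(accountCfg[key]) || Boolean(bucketCfg[key]);
  }
  return eff;
}

// putParams has the shape of the outParams object mentioned in the thread.
function diagnosePut(putParams, accountCfg, bucketCfg) {
  const eff = effectiveBlock(accountCfg, bucketCfg);
  const publicAcl = PUBLIC_CANNED_ACLS.has(putParams.ACL);
  if (publicAcl && eff.BlockPublicAcls) {
    // The failure reported in this issue: the request itself is rejected.
    return { stored: false, publiclyReadable: false, outcome: 'AccessDenied on PutObject' };
  }
  if (publicAcl && eff.IgnorePublicAcls) {
    // Upload succeeds, but the public grant is ignored when the object is read.
    return { stored: true, publiclyReadable: false, outcome: 'stored, public ACL ignored' };
  }
  if (!publicAcl) {
    // ACL removed from the code: no error, but the frontend cannot fetch it.
    return { stored: true, publiclyReadable: false, outcome: 'stored, private object' };
  }
  return { stored: true, publiclyReadable: true, outcome: 'stored, readable over HTTPS' };
}

// Constructed sample input (not taken from the workshop code).
const samplePut = { Bucket: 'example-final-bucket', Key: 'photo.jpg', ACL: 'public-read' };
const restrictedAccount = { BlockPublicAcls: true, IgnorePublicAcls: true };
const openAccount = { BlockPublicAcls: false, IgnorePublicAcls: false };

console.log(diagnosePut(samplePut, restrictedAccount, {}).outcome);
console.log(diagnosePut(samplePut, openAccount, {}).outcome);
console.log(diagnosePut({ ...samplePut, ACL: undefined }, restrictedAccount, {}).outcome);
```

The current account-level values to feed into `accountCfg` can be read with `aws s3control get-public-access-block --account-id <account-id>`.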