search

functionalone / serverless-iam-roles-per-function

Serverless Plugin for easily defining IAM roles per function via the use of iamRoleStatements at the function level.
MIT License
411 stars 58 forks source link

Adding disableLogs: true to lambda config makes plugin throw an error #102

Open markgibaud-vtail opened 2 years ago

markgibaud-vtail commented 2 years ago

Hi there,

I have the following config in Serverless.yml for a lambda:

asyncSyncProductsDb:
    handler: functions/asyncSyncProductsDb/asyncSyncProductsDb.main
    timeout: 300
    memorySize: 2048
    events:
       //eventbridge event source
    iamRoleStatements:
      - Effect: Allow
        Action:
          - ssm:GetParameters
          - ses:SendEmail
        Resource:
          - '*'

Now I want to temporarily disable creation of the log group, in order to later re-enable & recreate it in a nested stack using serverless-plugin-split-stacks custom config. However when I add disableLogs: true as per the docs I get an error:

asyncSyncProductsDb:
    handler: functions/asyncSyncProductsDb/asyncSyncProductsDb.main
    disableLogs: true
    timeout: 300
    memorySize: 2048
    events:
       //eventbridge event source
    iamRoleStatements:
      - Effect: Allow
        Action:
          - ssm:GetParameters
          - ses:SendEmail
        Resource:
          - '*'
Serverless Error ----------------------------------------

  serverless-iam-roles-per-function: ERROR: Function Resource is not in expected format. For function name: asyncSyncProductsDb

The plugin is throwing this error even though my lambda config is fine.

If I comment out the iamRoleStatements then it works fine and deletes the log group, ostensibly because this plugin does not process the lambda config.

Any ideas on fixes or workarounds? I need to do this to about 30 lambdas :-)

markgibaud-vtail commented 2 years ago

My plugins order, in case that helps!

plugins:
  - serverless-webpack
  - serverless-export-env
  - serverless-appsync-plugin
  - serverless-plugin-datadog
  - serverless-prune-plugin
  - serverless-step-functions
  - serverless-iam-roles-per-function
  - serverless-plugin-split-stacks
  - serverless-plugin-git-variables
drobakowski commented 2 years ago

Any update on this? We're running into the same problems... :/

andersquist commented 2 years ago

Since the original maintainer is the only one holding the keys to both fix the builds that are failing and being able to publish to NPM and seems to have abandoning this I've taken the steps to workaround this and is currently publishing this in a parallell plugin named serverless-iamroles.

The fork can be found here: https://github.com/andersquist/serverless-iam-roles-per-function

I've also made a PR to fix this specfic issue if you want to take a look as mentioned above.