Open jeff-wishnie opened 2 years ago
I believe this means your IAM role doesn't have permission to something. It will need to get an object from S3 and it is getting an "AccessDenied".
Can you confirm your IAM Policy that is used while running terraform?
I can confirm that the AWS account has full S3 GetObject permissions.
I think the issue is lack of permissions to retrieve lambda-github-webhook-function.zip from a bucket you own.
Hmm, let me investigate that.
I changed the objects, ACLs, let me know if that works!
I'm also still getting the same permission denied issue. Tested with both a restricted role and administrator access.
Can confirm this is a permissions issue. I manually compiled and created lambda-github-webhook-function.zip and put it in an S3 bucket accessible to me. I then updated webhook_module/main.tf to point to my bucket, and then was able to successfully complete terraform apply.
I changed the objects, ACLs, let me know if that works!
still doesn't work
A solution to this problem is to change deploy/webook_module/main.tf to compile the webhook code locally, rather than pulling it from S3:

```hcl
resource "null_resource" "lambda_github_webhook_pull_zip" {
  provisioner "local-exec" {
    command = "mkdir -p ${var.file_destination} && cd ${var.file_destination}/../src/lambda-github-webhook && GOOS=linux go build -o ../../main && cd ../.. && zip ${abspath(var.file_destination)}/lambda-github-webhook-function.zip main"
  }
}
```
This worked for me, thank you!
Hello, this setup looks very cool. I'm trying to try it out but am getting an error deploying with Terraform, and am not familiar enough with Terraform to easily debug.
There is a step that is attempting to pull a zip from an s3 bucket that has yet to be created that is erroring out.
Any guidance appreciated!