search

serverless-nextjs / serverless-next.js

⚡ Deploy your Next.js apps on AWS Lambda@Edge via Serverless Components
MIT License
4.44k stars 452 forks source link

AccessDeniedException: null error when running serverless with active AWS credentials #2416

Open nagmak opened 2 years ago

nagmak commented 2 years ago

Issue Summary

After deploying our app yesterday everything was working fine for about 12-20 hours. Today morning the whole team has been experiencing this error. We're unable to re-deploy the app, and there's not much more information than this null value. We even tried upgrading to the latest alpha with no change.

We have admin access in AWS, and our roles have access to DynamoDB, CloudFront, Lambda, and everything else that is needed to run the app correctly.

  error:
  AccessDeniedException: null
    at Object.extractError (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/protocol/json.js:52:27)
    at Request.extractError (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/protocol/rest_json.js:49:8)
    at Request.callListeners (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/nugget/.serverless/components/registry/npm/@sls-next/serverless-component@3.7.0-alpha.11/node_modules/@sls-next/aws-lambda/node_modules/aws-sdk/lib/request.js:688:12) {
  code: 'AccessDeniedException',
  time: 2022-03-29T16:48:41.486Z,
  requestId: 'e6e4ca3a-ff84-4922-ba5d-24ea7b4059ef',
  statusCode: 403,
  retryable: false,
  retryDelay: 25.58786510856832
}

Actual behavior

After our app was deployed, close to 20hrs later, we noticed a 503 error in some pages. After this, we attempted to re-deploy the app and realized we were all running into AccessDeniedException: null errors. In our logs on CloudFront there isn't too much information either.

Screen Shot 2022-03-29 at 10 02 46 AM

Expected behavior

Expected to have either the app deployed and working or a more readable error to better understand why this is occurring. The current error is not providing enough information to move ahead.

Steps to reproduce

next.config.js

module.exports = {
  env: {
    TABLE_NAME: "<TABLE NAME>",
  },
  webpack: (config) => {
    if (!process.env.BUNDLE_AWS_SDK) {
      config.externals = config.externals || [];
      config.externals.push({ "aws-sdk": "aws-sdk" });
    } else {
      console.warn("Bundling aws-sdk. Only doing this in development mode");
    }
    return config;
  },
};

our serverless.yml:

twali-xyz-staging:
  component: "@sls-next/serverless-component@3.7.0-alpha.12"
  inputs:
    policy: "arn:aws:iam::<ACCOUNT ID>:policy/<POLICY NAME>"
    roleArn: "arn:aws:iam::<ACCOUNT ID>:role/<ROLE NAME>"
    build:
      env:
        TABLE_NAME: "<DB NAME>"

Basically just running serverless as usual on our app, results in this new AccessDeniedException: null that never appeared before.

Screenshots/Code/Configuration/Logs

Screen Shot 2022-03-29 at 12 28 13 PM

Versions

pavlo-mais commented 1 year ago

Same problem

CMcDev commented 1 year ago

Any update on this? I am running into the same issues.