Using serverless-plugin-split-stacks in serverless.yml and getting this error
An error occurred: IamRoleLambdaExecution - Maximum policy size exceeded for role Vkonnect-dev-ap-1-lambdaRole (Service: AmazonIdentityManagement; Status Code: 409; Error Code: LimitExceeded; Request ID: 51920d55-4b81-4b6c-99f1-d9f0ba087cc2; Proxy: null).
When I use serverless-plugin-custom-roles, I get this error
The CloudFormation template is invalid: Circular dependency between resources: GenerateOtpDocLambdaPermissionApiGateway, CloudFormation.
serverless.yml
service: Vkonnect # Name of your App
provider:
  name: aws
  runtime: nodejs14.x # Node JS version
  memorySize: 128
  timeout: 10
  stage: dev
  region: ap-south-1 # AWS region
  deploymentBucket:
    name: vkonnectlayers
  # iamRoleStatements:
  #   - Effect: "Allow"
  #     Action:
  #       - "s3:*"
  #     Resource:
  #       NOTE you can't refer to the LogicalID of S3Bucket, otherwise
  #       there will be a circular reference in CloudFormation
  iamRoleStatements:
    - Effect: "Allow"
      Action:
        - "cloudformation:*"
        - "codecommit:*"
        - "apigateway:*"
        - "execute-api:Invoke"
        - "execute-api:ManageConnections"
        - "cloudformation:DescribeStacks"
        - "cloudformation:ListStackResources"
        - "cloudwatch:ListMetrics"
        - "cloudwatch:GetMetricData"
        - "ec2:DescribeSecurityGroups"
        - "ec2:DescribeSubnets"
        - "ec2:DescribeVpcs"
        - "kms:ListAliases"
        - "iam:GetPolicy"
        - "iam:GetPolicyVersion"
        - "iam:GetRole"
        - "iam:GetRolePolicy"
        - "iam:ListAttachedRolePolicies"
        - "iam:ListRolePolicies"
        - "iam:ListRoles"
        - "lambda:*"
        - "logs:DescribeLogGroups"
        - "states:DescribeStateMachine"
        - "states:ListStateMachines"
        - "tag:GetResources"
        - "xray:GetTraceSummaries"
        - "xray:BatchGetTraces"
      Resource:
        - "*"
        - "arn:aws:apigateway:*::/*"
        - "arn:aws:events:*:*:rule/codecommit*"
        - "arn:aws:logs:*:*:log-group:/aws/lambda/*"
plugins:
  - serverless-offline
  - serverless-layers
  - serverless-plugin-split-stacks
  - serverless-plugin-custom-roles
  # - serverless-nested-stack
package:
  individually: true
  exclude:
    - ./**
custom:
  splitStacks:
    perFunction: false
    perType: false
    perGroupFunction: true
    nestedStackCount: 5
  serverless-layers: # All Layers
    - moment:
        name: moment
        excludeDevDependencies: false
        individually: true
        dependenciesPath: ./layers/moment-layer/package.json
        package:
          patterns:
            - /**
            - "!node_modules/**"

Posted on 2021-09-17 06:21:50
First create an IAM role in the AWS account with full access to the services you want, then do the following
serverless.yaml
provider:
  name: aws
  runtime: nodejs14.x
  memorySize: 128
  timeout: 5
  stage: prod
  region: us-east-1 # AWS region
  versionFunctions: false
  deploymentBucket:
    name: XXXXXX
  iam:
    role: arn:aws:iam::XXXXXX:role/full # your role ARN
plugins:
  - serverless-offline
  - serverless-layers
  - serverless-plugin-split-stacks
package:
  individually: true
  exclude:
    - ./**

Posted on 2021-09-16 13:03:58
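Regarding the policy size limit error:
AWS has a limit on policy size. See this article for reference: https://aws.amazon.com/premiumsupport/knowledge-center/iam-increase-policy-size/
For the circular dependency error:
Posted on 2021-09-16 15:03:24
AWS sets limits on a few resources, such as IAM, S3, etc. A resource should not exceed the set limit. You can raise a request with AWS Support to increase the limit.
Before that, you can use Service Quotas in AWS to find out the limits on AWS resources. Based on that, you can raise a call with AWS or follow the document above to reduce the size.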
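Added example (not from the question or any of the answers): a Python sketch of the "reduce the size" route the last two answers point to. It measures a policy the way IAM counts it (whitespace ignored) against the 10,240-character aggregate inline-policy quota for a role, and drops actions and resources that a wildcard in the same statement already covers. The sample statement is a shortened copy of the question's `iamRoleStatements`; all function names are illustrative.

```python
import json
import re

ROLE_INLINE_LIMIT = 10240  # IAM quota: total inline policy characters per role

def policy_size(document):
    """Size as IAM counts it: the JSON text with all whitespace removed."""
    return len("".join(json.dumps(document).split()))

def covers(q, p):
    """True if pattern q matches everything p can match. Conservative: only
    '*' in q is treated as a wildcard, and patterns using '?' never cover."""
    if "*" not in q or "?" in q:
        return False
    regex = ".*".join(re.escape(part) for part in q.split("*"))
    return re.fullmatch(regex, p, re.DOTALL) is not None

def drop_covered(patterns, fold_case):
    """Remove duplicates and entries already matched by another entry."""
    key = str.lower if fold_case else str  # IAM action names are case-insensitive
    seen, items = set(), []
    for p in patterns:
        if key(p) not in seen:
            seen.add(key(p))
            items.append(p)
    # For two equivalent patterns, keep only the first one listed.
    return [p for i, p in enumerate(items)
            if not any(covers(key(q), key(p)) and (j < i or not covers(key(p), key(q)))
                       for j, q in enumerate(items) if j != i)]

def compact_policy(document):
    """Compact every Allow statement that uses plain Action/Resource lists."""
    as_list = lambda v: [v] if isinstance(v, str) else list(v)
    out = dict(document, Statement=[])
    for stmt in document["Statement"]:
        stmt = dict(stmt)
        if stmt.get("Effect") == "Allow" and "Action" in stmt and "Resource" in stmt:
            stmt["Action"] = drop_covered(as_list(stmt["Action"]), fold_case=True)
            stmt["Resource"] = drop_covered(as_list(stmt["Resource"]), fold_case=False)
        out["Statement"].append(stmt)
    return out

# Constructed sample: a shortened copy of the statement in the question.
SAMPLE = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["cloudformation:*", "apigateway:*", "cloudformation:DescribeStacks",
               "cloudformation:ListStackResources", "iam:GetRole", "lambda:*"],
    "Resource": ["*", "arn:aws:apigateway:*::/*",
                 "arn:aws:logs:*:*:log-group:/aws/lambda/*"]}]}

if __name__ == "__main__":
    print(policy_size(SAMPLE), "->", policy_size(compact_policy(SAMPLE)))
```

Compaction does not narrow anything: the result grants exactly what the original statement did, because `Resource: "*"` already made the narrower ARNs redundant.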
https://stackoverflow.com/questions/69208763