Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS::Lambda::Function.FileSystemConfigs missing from the Resource Specification #1598

Closed
xeres opened this issue Jun 21, 2020 · 8 comments
Closed

AWS::Lambda::Function.FileSystemConfigs missing from the Resource Specification #1598

xeres opened this issue Jun 21, 2020 · 8 comments
Labels
spec CloudFormation Specification Bug

Comments

@xeres
Copy link

xeres commented Jun 21, 2020

cfn-lint version: (cfn-lint --version)
cfn-lint 0.33.1

Description of issue.
The latest cfn-lint still detects FileSystemConfigs with AWS::Serverless::Function as an error.
@PatMyron
Copy link
Contributor

Can you run pip3 show aws-sam-translator | grep 'Version' to make sure you have 1.25.0+?

and see if it still occurs after pip3 install aws-sam-translator --upgrade if not?

and provide a sample template and error message if not?

@xeres
Copy link
Author

xeres commented Jun 21, 2020

I tried it, hmm...

$ pip3 show aws-sam-translator | grep 'Version'
Version: 1.25.0
$ pip3 install aws-sam-translator --upgrade
Requirement already up-to-date: aws-sam-translator in /home/xeres/.local/lib/python3.8/site-packages (1.25.0)
Requirement already satisfied, skipping upgrade: boto3~=1.5 in /home/xeres/.local/lib/python3.8/site-packages (from aws-sam-translator) (1.13.26)
Requirement already satisfied, skipping upgrade: six~=1.11 in /usr/lib/python3/dist-packages (from aws-sam-translator) (1.14.0)
Requirement already satisfied, skipping upgrade: jsonschema~=3.0 in /usr/lib/python3/dist-packages (from aws-sam-translator) (3.2.0)
Requirement already satisfied, skipping upgrade: botocore<1.17.0,>=1.16.26 in /home/xeres/.local/lib/python3.8/site-packages (from boto3~=1.5->aws-sam-translator) (1.16.26)
Requirement already satisfied, skipping upgrade: jmespath<1.0.0,>=0.7.1 in /home/xeres/.local/lib/python3.8/site-packages (from boto3~=1.5->aws-sam-translator) (0.9.5)
Requirement already satisfied, skipping upgrade: s3transfer<0.4.0,>=0.3.0 in /home/xeres/.local/lib/python3.8/site-packages (from boto3~=1.5->aws-sam-translator) (0.3.3)
Requirement already satisfied, skipping upgrade: urllib3<1.26,>=1.20; python_version != "3.4" in /usr/lib/python3/dist-packages (from botocore<1.17.0,>=1.16.26->boto3~=1.5->aws-sam-translator) (1.25.8)
Requirement already satisfied, skipping upgrade: python-dateutil<3.0.0,>=2.1 in /home/xeres/.local/lib/python3.8/site-packages (from botocore<1.17.0,>=1.16.26->boto3~=1.5->aws-sam-translator) (2.8.0)
Requirement already satisfied, skipping upgrade: docutils<0.16,>=0.10 in /home/xeres/.local/lib/python3.8/site-packages (from botocore<1.17.0,>=1.16.26->boto3~=1.5->aws-sam-translator) (0.15.2)

The minimum template for reproduce.

AWSTemplateFormatVersion: 2010-09-09
Description: SAM + Lambda + EFS
Transform: AWS::Serverless-2016-10-31

Parameters:
  SecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id

  VpcSubnetId:
    Type: AWS::EC2::Subnet::Id

Resources:
  EfsFileSystem:
    Type: AWS::EFS::FileSystem

  MountTarget:
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref EfsFileSystem
      SubnetId: !Ref VpcSubnetId
      SecurityGroups:
        - !Ref SecurityGroupId

  AccessPoint:
    Type: AWS::EFS::AccessPoint
    Properties:
      FileSystemId: !Ref EfsFileSystem

  LambdaFunctionWithEfs:
    Type: AWS::Serverless::Function
    Properties:
      InlineCode: |
        const fs = require('fs')
        const path = require('path')
        const efsMountPath = '/mnt/efs'
        exports.handler = async (event, context, callback) => {
          const directory = path.join(efsMountPath, event.body)
          const files = fs.readdirSync(directory)
          return files
        }
      Handler: index.handler
      MemorySize: 128
      Runtime: nodejs12.x
      Timeout: 3
      VpcConfig:
        SecurityGroupIds:
          - !Ref SecurityGroupId
        SubnetIds:
          - !Ref VpcSubnetId
      FileSystemConfigs:
        - Arn: !GetAtt AccessPoint.Arn
          LocalMountPath: /mnt/efs

Let me know if there is anything else I can do to help.

@PatMyron PatMyron added the spec CloudFormation Specification Bug label Jun 21, 2020
@PatMyron
Copy link
Contributor

looks like AWS::Lambda::Function.FileSystemConfigs is missing from the Resource Specification

cfn-lint --info template.yaml 
2020-06-21 02:19:00,585 - cfnlint - INFO - SAM Translator: 1.25.0
2020-06-21 02:19:00,585 - cfnlint - INFO - Setting AWS_DEFAULT_REGION to us-east-1
2020-06-21 02:19:00,651 - cfnlint - INFO - Transformed template: 
{
  "AWSTemplateFormatVersion": null,
  "Description": "SAM + Lambda + EFS",
  "Parameters": {
    "SecurityGroupId": {
      "Type": "AWS::EC2::SecurityGroup::Id"
    },
    "VpcSubnetId": {
      "Type": "AWS::EC2::Subnet::Id"
    }
  },
  "Resources": {
    "AccessPoint": {
      "Properties": {
        "FileSystemId": {
          "Ref": "EfsFileSystem"
        }
      },
      "Type": "AWS::EFS::AccessPoint"
    },
    "EfsFileSystem": {
      "Type": "AWS::EFS::FileSystem"
    },
    "LambdaFunctionWithEfs": {
      "Properties": {
        "Code": {
          "ZipFile": "const fs = require('fs')\nconst path = require('path')\nconst efsMountPath = '/mnt/efs'\nexports.handler = async (event, context, callback) => {\n  const directory = path.join(efsMountPath, event.body)\n  const files = fs.readdirSync(directory)\n  return files\n}\n"
        },
        "FileSystemConfigs": [
          {
            "Arn": {
              "Fn::GetAtt": [
                "AccessPoint",
                "Arn"
              ]
            },
            "LocalMountPath": "/mnt/efs"
          }
        ],
        "Handler": "index.handler",
        "MemorySize": 128,
        "Role": {
          "Fn::GetAtt": [
            "LambdaFunctionWithEfsRole",
            "Arn"
          ]
        },
        "Runtime": "nodejs12.x",
        "Tags": [
          {
            "Key": "lambda:createdBy",
            "Value": "SAM"
          }
        ],
        "Timeout": 3,
        "VpcConfig": {
          "SecurityGroupIds": [
            {
              "Ref": "SecurityGroupId"
            }
          ],
          "SubnetIds": [
            {
              "Ref": "VpcSubnetId"
            }
          ]
        }
      },
      "Type": "AWS::Lambda::Function"
    },
    "LambdaFunctionWithEfsRole": {
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Statement": [
            {
              "Action": [
                "sts:AssumeRole"
              ],
              "Effect": "Allow",
              "Principal": {
                "Service": [
                  "lambda.amazonaws.com"
                ]
              }
            }
          ],
          "Version": "2012-10-17"
        },
        "ManagedPolicyArns": [
          "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
          "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
        ],
        "Tags": [
          {
            "Key": "lambda:createdBy",
            "Value": "SAM"
          }
        ]
      },
      "Type": "AWS::IAM::Role"
    },
    "MountTarget": {
      "Properties": {
        "FileSystemId": {
          "Ref": "EfsFileSystem"
        },
        "SecurityGroups": [
          {
            "Ref": "SecurityGroupId"
          }
        ],
        "SubnetId": {
          "Ref": "VpcSubnetId"
        }
      },
      "Type": "AWS::EFS::MountTarget"
    }
  }
}
2020-06-21 02:19:00,651 - cfnlint.runner - INFO - Run scan of template template.yaml
E3002 Invalid Property Resources/LambdaFunctionWithEfs/Properties/FileSystemConfigs

@PatMyron PatMyron changed the title Support Amazon EFS for AWS Lambda AWS::Lambda::Function.FileSystemConfigs missing from the Resource Specification Jun 21, 2020
@PatMyron
Copy link
Contributor

Thanks for the details! Seems to be another instance of Resource Specifications lagging releases

@xeres
Copy link
Author

xeres commented Jun 21, 2020

I got it, I'll watch the issue you led me.

Thank!

@rleighton
Copy link

Bit me too.

@rleighton
Copy link

How can I work around this? My CI fails. I'd like to add an exception for this until the spec is updated.

@PatMyron
Copy link
Contributor

now in the latest Resource Specification, so this should pick it up:

cfn-lint --update-specs

@PatMyron PatMyron mentioned this issue Aug 24, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
spec CloudFormation Specification Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@xeres @PatMyron @rleighton