You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have searched existing issues, it hasn't been reported yet
Issue description
I'm currently using a custom CloudFormation role to allow my functions to be deployed by a pipeline to another AWS account. In the serverless yml file, I've created a PostConfirmation trigger for my existing Cognito user pool.
You've mentioned in the documentation that a backup lambda function is created when you declare the 'existing' parameter. However, this backup lambda function uses the CF deployment role by default and therefore I am getting this error:
CREATE_FAILED: CustomDashresourceDashexistingDashcupLambdaFunction (AWS::Lambda::Function)
Resource handler returned message: "The role defined for the function cannot be assumed by Lambda.
I have double checked the output CloudFormation template and this resource is using my deployment role.
I've even tried removing the role that is declare in my Serverless function and it still doesn't work and I've tried putting the forceDeploy: true parameter and it didn't worked as well.
The only way I got it to work was by removing the iam.deploymentRole parameter completely which isn't ideal since this is deployed via CI/CD.
Deploying functions to stage dev (redacted)
× Stack functions-dev failed to deploy (31s)
Environment: win32, node 16.14.2, framework 3.25.1, plugin 6.2.2, SDK 4.3.2
Credentials: Local, "xxxxx" profile
Docs: docs.serverless.com
Support: forum.serverless.com
Bugs: github.com/serverless/serverless/issues
Error:
CREATE_FAILED: CustomDashresourceDashexistingDashcupLambdaFunction (AWS::Lambda::Function)
Resource handler returned message: "The role defined for the function cannot be assumed by Lambda. (Service: Lambda, Status Code: 400, Request ID: xxxxx)" (RequestToken: xxxxx, HandlerErrorCode: InvalidRequest)
Environment information
Framework Core: 3.25.1
Plugin: 6.2.2
SDK: 4.3.2
The text was updated successfully, but these errors were encountered:
You've mentioned in the documentation that a backup lambda function is created when you declare the 'existing' parameter. However, this backup lambda function uses the CF deployment role by default and therefore I am getting this error
@pragma-ezekiel CF deployment role is used for all deployment tasks, and this backup lambda supplements the deployment process.
You can easily fix it by ensuring that CF deployment role lists Lambda services as one of it's principals
Any news? I'm stuck on this issue.
Adding the lambda to my iamRolseStatements doesn't seem to work.
My deployment only works when I remove the "existing: true"
Error:
CREATE_FAILED: CustomDashresourceDashexistingDashcupLambdaFunction (AWS::Lambda::Function)
Resource handler returned message: "Function creation failed because the function already exists"
Are you certain it's a bug?
Is the issue caused by a plugin?
Are you using the latest v3 release?
Is there an existing issue for this?
Issue description
I'm currently using a custom CloudFormation role to allow my functions to be deployed by a pipeline to another AWS account. In the serverless yml file, I've created a PostConfirmation trigger for my existing Cognito user pool.
You've mentioned in the documentation that a backup lambda function is created when you declare the 'existing' parameter. However, this backup lambda function uses the CF deployment role by default and therefore I am getting this error:
I have double checked the output CloudFormation template and this resource is using my deployment role.
I've even tried removing the role that is declare in my Serverless function and it still doesn't work and I've tried putting the
forceDeploy: true
parameter and it didn't worked as well.The only way I got it to work was by removing the
iam.deploymentRole
parameter completely which isn't ideal since this is deployed via CI/CD.Service configuration (serverless.yml) content
Command name and used flags
serverless deploy --stage dev --aws-profile xxxx
Command output
Environment information
The text was updated successfully, but these errors were encountered: