警告 - 部署后未设置 cfnRole 和创建不必要的文件

SoS*_*dTT 4 amazon-web-services python-3.x aws-cloudformation aws-lambda serverless

部署后没有 cfnRole 警告和不必要的文件被创建

Serverless: Safeguards Processing...
Serverless: Safeguards Results:

   Summary --------------------------------------------------

   passed - no-unsafe-wildcard-iam-permissions
   passed - framework-version
   warned - require-cfn-role
   passed - allowed-runtimes
   passed - no-secret-env-vars
   passed - allowed-regions
   passed - allowed-stages

   Details --------------------------------------------------

   1) Warned - no cfnRole set
      details: http://slss.io/sg-require-cfn-role
      Require the cfnRole option, which specifies a particular role for CloudFormation to assume while deploying.
Run Code Online (Sandbox Code Playgroud)
  1. 我去过详细写的网站。详情:http : //slss.io/sg-require-cfn-role 反正我不知道怎么解决。
  2. s_hello.py & s_hello2.py 总是在部署后生成。这是我的 serverless.yaml 文件
    service: myapp
    app: sample-app
    org: xxx
    provider:
      name: aws
      runtime: python3.7
    stage: dev
    region: us-east-1

    package:
        individually: true
    functions:
      hello:
        handler: src/handler/handler.hello
      hello2:
        handler: src/handler2/handler2.hello2
Run Code Online (Sandbox Code Playgroud)

尽管关注本网站,但它总是会发生。我的 Lambda 函数将创建“s_xxx.py(其中 xxx 是 handler.py 文件。

Edu*_*vis 7

我按照以下步骤在 AWS IAM 中创建了 cfn-role 解决了这个问题:

角色 -> 创建角色 -> AWS 服务 ->从列表中选择Cloud Formation

下一页:权限

您需要选择部署 lambda 函数所需的所有策略(S3FullAccess、SQSFullAccess、LambdaFullAccess...)

有一个强制AWSConfigRole允许无服务器框架获得此角色。

设置角色后,您需要复制其 arn 并在提供者级别cfnRole后面创建,如下所示:

provider:
  name: aws
  runtime: python3.7
  stage: ${opt:stage, 'dev'}
  profile: ${self:custom.deploy-profile.${opt:stage, 'dev'}}
  region: us-west-2
  environment:
    TEMP: "/tmp"
  cfnRole: arn:aws:iam::xxxxxxxxxx:role/cfn-Role
Run Code Online (Sandbox Code Playgroud)

这对我有用,我希望能帮到你!