I have a very simple Lambda function that listens for events on an MQTT topic, and that part is working perfectly. However, the function is not able to publish to another topic, which is not working as expected.
I added the necessary IAM roles and statements in my Serverless Framework configuration. However, when I checked in the AWS Console, I noticed that these roles are not being applied. What did I do wrong?
```yaml
functions:
  receiver:
    handler: app/receiver/handle.handler
    statements:
      - Effect: Allow
        Action:
          - iot:Publish
        Resource:
          - arn:aws:iot:us-east-1:295119111913:topic/sdk/test/js
    events:
      - iot:
          sql: "SELECT encode(*, 'base64') AS data FROM 'sdk/test/python'"
          sqlVersion: '2016-03-23'
```
The way you're trying to add statements is not supported by Serverless Framework. If you'd like to add those statements only to a single Lambda function, you will need the https://github.com/functionalone/serverless-iam-roles-per-function plugin and to use the iamRoleStatements property. If you want to add those statements to the default role, you can do it as presented in the docs here: https://www.serverless.com/framework/docs/providers/aws/guide/iam#the-default-iam-role
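The two options from the answer, applied to the question's config as an added example (not part of the original answer). The handler, event and topic ARN are copied from the question; option A scopes `iot:Publish` to the `receiver` function only, while option B grants it to every function that runs under the service's default role.

```yaml
# Option A: per-function role via the serverless-iam-roles-per-function plugin.
# Only the receiver function's role gets iot:Publish on the one topic.
plugins:
  - serverless-iam-roles-per-function

functions:
  receiver:
    handler: app/receiver/handle.handler
    iamRoleStatements:            # key read by the plugin (not "statements")
      - Effect: Allow
        Action:
          - iot:Publish
        Resource:
          - arn:aws:iot:us-east-1:295119111913:topic/sdk/test/js
    events:
      - iot:
          sql: "SELECT encode(*, 'base64') AS data FROM 'sdk/test/python'"
          sqlVersion: '2016-03-23'
---
# Option B: no plugin, statement added to the service's default role.
# Every function in the service that uses the default role can publish.
# provider.iam.role.statements is the current key; older framework
# versions used provider.iamRoleStatements instead.
provider:
  name: aws
  iam:
    role:
      statements:
        - Effect: Allow
          Action:
            - iot:Publish
          Resource:
            - arn:aws:iot:us-east-1:295119111913:topic/sdk/test/js

functions:
  receiver:
    handler: app/receiver/handle.handler
    events:
      - iot:
          sql: "SELECT encode(*, 'base64') AS data FROM 'sdk/test/python'"
          sqlVersion: '2016-03-23'
```

After deploying, the statement should appear on the function's execution role in the IAM console: under a per-function role for option A, or under the shared default role for option B.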