Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lambda error getting object from S3 #33

Open
pb30 opened this issue Sep 15, 2017 · 0 comments
Open

Lambda error getting object from S3 #33

pb30 opened this issue Sep 15, 2017 · 0 comments

Comments

@pb30
Copy link

pb30 commented Sep 15, 2017

I've confirmed SES can write to S3, but when adding the Lambda to SES Ruleset I'll get errors like the following:

Error getting object incoming/8h2b7kv5td0h3nv9ndukoov1cm2edri16p6dvo81 from bucket pb30-lists-msp2. Make sure they exist and your bucket is in the same region as this function.
An error occurred (AccessDenied) when calling the GetObject operation: Access Denied: ClientError
Traceback (most recent call last):
File "/var/task/lambda.py", line 13, in lambda_handler
with email_message_for_event(event) as msg:
File "/usr/lib64/python2.7/contextlib.py", line 17, in __enter__
return self.gen.next()
File "/var/task/sestools.py", line 24, in email_message_for_event
raise e
ClientError: An error occurred (AccessDenied) when calling the GetObject operation: Access Denied

An error occurred (NoSuchLifecycleConfiguration) when calling the GetBucketLifecycleConfiguration operation: The lifecycle configuration does not exist: ClientError
Traceback (most recent call last):
File "/var/task/lambda.py", line 34, in lambda_handler
l.send(msg)
File "/var/task/listobj.py", line 317, in send
self.moderate(msg)
File "/var/task/listobj.py", line 401, in moderate
lifecycle = s3.get_bucket_lifecycle_configuration(Bucket=config.s3_bucket)
File "/var/runtime/botocore/client.py", line 312, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/var/runtime/botocore/client.py", line 601, in _make_api_call
raise error_class(parsed_response, operation_name)
ClientError: An error occurred (NoSuchLifecycleConfiguration) when calling the GetBucketLifecycleConfiguration operation: The lifecycle configuration does not exist

S3 Bucket Policy is adapted from link in #29:

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "GiveSESPermissionToWriteEmail",
            "Effect": "Allow",
            "Principal": {
                "Service": "ses.amazonaws.com"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::pb30-lists-msp2/*",
            "Condition": {
                "StringEquals": {
                    "aws:Referer": "xxxxxxxxx"
                }
            }
        },
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "ses.amazonaws.com"
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::pb30-lists-msp2",
            "Condition": {
                "StringEquals": {
                    "aws:Referer": "xxxxxxxxx"
                }
            }
        }
    ]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pb30