cerbos / cerbos-aws-lambda Goto Github PK
View Code? Open in Web Editor NEWGateway service implements AWS Lambda runtime and invokes Cerbos server API hosted in the same AWS Lambda instance.
License: Apache License 2.0
cerbos-aws-lambda's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
cerbos-aws-lambda's Issues
s3 store
Hello,
I have been trying to follow all your steps in order to run this in a lambda but it has been impossible.
I am using s3 as disk as part of the config file:
cerbos-aws-lambda\conf.default.yml
storage:
driver: "blob"
blob:
# This section is required only if storage.driver is blob.
bucket: "s3://cerbos-test-pdp?region=us-west-2"
downloadTimeout: 30s # DownloadTimeout specifies the timeout for downloading from cloud storage.
prefix: policies # Prefix specifies a subdirectory to download.
requestTimeout: 10s # RequestTimeout specifies the timeout for an HTTP request.
updatePollInterval: 15s # UpdatePollInterval specifies the interval to poll the cloud storage. Set to 0 to disable.
And just in case, I added the s3 config as part of the sam.yaml file:
Variables:
BUCKET_URL: "s3://cerbos-test-pdp?region=us-west-2"
BUCKET_PREFIX: "policies"
CERBOS_LOG_LEVEL: DEBUG
and the set of permissions I attached to the lambda running the cerbos image:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*",
"s3-object-lambda:*"
],
"Resource": "arn:aws:s3:::cerbos-test-pdp/*"
}
]
}
ERROR: failed to create store: unknown storage driver [blob]
Please, any help is appreciated. This is driving me nuts.
thanks.
Ensure cerbos-aws-lambda supports private API gateway
Make isn't working on Linux unless cerbos version is specified
There is an issue with grep regex on Linux.
Check/grant S3 permissions to provided bucket
If an S3 bucket URL is provided in the config can we check/grant read access to the role created by the SAM template?
arm64 not supported in all AWS regions
based on the lambda pricing page arm64 is NOT available in the the following regions:
af-south-1, ap-east-1, ap-northeast-2, ap-northeast-3, ca-central-1, eu-south-1, eu-west-3, eu-north-1, me-south-1, sa-east-1, and us-west-1
This causes an issue if you build the image on an M1 mac and try to deploy in these regions
Publish as Lambda Layer
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.