Hello. I use vpc and I try to deploy.
But it was failed because my credential needed to add more permission.
So I add more roles but I failed again, cuz my functions needed to add more permission.
But my function used the role built by Jets Framework. So I setup config.function.role from application.rb like below code.
But It was failed again. Cuz WarmLambdaFunction, TorchLambdaFunction needed to add more permission, too. But I can not find prewarm function also use to my custom role.
How can I set prewarm function also use my custom role?
Though others have used vpc, haven’t used vpc yet myself. So unsure what extra permissions are needed. Interested in what you end up using. It would be nice if Jets just figured it out and adjusted the IAM policy automatically. Until then the ability to customize the Prewarm Job IAM Policy should help.
Here’s an example that adds ec2.
Jets.application.configure do |config|
# ...
config.prewarm_job_iam_policy = [
Jets::Application.default_prewarm_job_iam_policy,
"ec2"
]
end
@say8425 Realized that a better way is to adjust the application-wide IAM Policy. So there’s no need for an additional prewarm_job_iam_policy. Got rid of config.prewarm_job_iam_policy in v1.9.16
Instead use:
Jets.application.configure do |config|
# ...
config.iam_policy = [
Jets::Application.default_iam_policy,
"ec2"
]
end
How fast! Thank you so very much.
By the way, I did not share what extra permissions are needed to use vpc.
So I write the permissions that I need to use vpc.
This permissions can be found from the AWS CloudFormation event log
