LAB: Configure Lembda to upload an object in S3 Bucket

LAB: Configure Lembda to upload an object in S3 Bucket

Task:

In this lab we will be configure Lambda function to be triggered on an S3 object upload event. As soon trigger happens, Lambda Function will copy that object in different S3 bucket.

Step:1 Create Two S3 Bucket as shown in below figure

Copy both Bucket ARN Address | Once Bucket is created | Select your bucket | A Pop-Up will appear with bucket details on the right side of the screen | Click on the Copy ARN button to copy the ARN |Save the source bucket ARN in a text file for later use

Once Bucket is created, you will be able to see both bucket in S3 Dashboard

Step 2: Create IAM Policy

It is a Pre-requisite for Creating Lambda Function | Go to Service : IAM | Click on Policies | Create Policies

Click on JSON tab | and copy and paste the below policy

{

   "Version":"2012-10-17",

   "Statement":[

      {

         "Effect":"Allow",

         "Action":[

            "s3:GetObject"

         ],

         "Resource":[

            "arn:aws:s3:::dclessons-source-bucket/*"

         ]

      },

      {

         "Effect":"Allow",

         "Action":[

            "s3:PutObject"

         ],

         "Resource":[

            "arn:aws:s3:::dclessons-destination-bucket/*"

         ]

      }

   ]

}

Replace the source and destination ARN name of the bucket (which you have saved before) in the option Resource. Make sure to add /* at the end of the ARN name.

Click on Next:Tags button. Leave everything as default and click Next:Review

On Create Policy page | Policy name: Dclessons-Lambda-Policy | Click Create Policy

Step 3: Create IAM Role

In Left Menu of IAM | Select Roles | Click Create Roles

Under Select Trusted Entity | Select AWS Service | Select Lambda | Next

Under Add permission | Select two Policies: Dclessons-Lambda-Policy and AWSLambdaBasicExecuteRole

Select next : Under Role Details | Role name : DclessonsRole | Add tags : Name DclessonsRole | Create Role