SO I am new to AWS Lambda, so bear with me. I am working on a personal project to convert .mov files in to .mp4 files. I was able to find an already built application that did this, s3-lambda-ffmpeg-mov-to-mp4-s3. I follow the cloudformation template, I input the bucket name with the .mov files, update the output bucket name to one that is available, and go to delpoy. This is the reason why the convert has failed
Resource handler returned message: "User: arn:aws:iam::*****:root is not authorized to perform: lambda:GetLayerVersion on resource: arn:aws:lambda:us-east-1:xxxxx:layer:ffmpeg:4 because no resource-based policy allows the lambda:GetLayerVersion action (Service: Lambda, Status Code: 403, Request ID: d0226f5d-ae9d-41b4-b706-4cf519909f70)" (RequestToken: adbb9025-e6e3-322d-a478-a92d651a8e16, HandlerErrorCode: AccessDenied)
Would someone please be able to help me out on how to update the right permissions?
I tried to search for and find the correct permissions but did not find any thing, any help would be great
I checked template.yml of s3-lambda-ffmpeg-mov-to-mp4-s3 and found that "arn:aws:lambda:us-east-1:145266761615:layer:ffmpeg:4" was used as the ARN of Lambda's Layer. The following is a list of the files that were used in the file.
https://github.com/simalexan/s3-lambda-ffmpeg-mov-to-mp4-s3/blob/master/template.yml#L30
Searching for this ARN, I found an issue where specifying this ARN would cause an error regarding the permissions for "perform: lambda:GetLayerVersion". The developer of this Layer has instructed us not to use this ARN, but to use another method.
https://github.com/serverlesspub/ffmpeg-aws-lambda-layer/issues/3
Now, my suggestion is as follows