-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Maximum policy size of 10240 bytes exceeded for role for SLS enterprise logs feature #586
Comments
we need this logs feature fixed, please help to solve in SLS code |
@pgrzesik please let me know if this is reviewed and confirmed at your side and possible easy solvable as it was for serverless/serverless#7644 |
+1 Please fix ASAP |
Hello @casualuser - sorry for not responding here sooner. I'm going to move this to https://github.com/serverless/dashboard-plugin repository as the actual functionality that generates the policy is located there. I'm going to dive into the cause and what the potential fix might be here. As a potential workaround - do you have the ability to split the deployment into a few stacks with smaller number of functions? |
Hi @casualuser - thanks for reaching out. The workaround in this case is to create your own logs access role and pass it into the framework via the
The role is easy to create, there are 3 parts. The policy,
The trust relationship for our AWS account is: To find your org UID, inspect your browser request when If you have any questions, feel free to contact the enterprise support team via the chat feature in the app, and we can address it that way. As an aside, unfortunately 140 functions is a very large and complicated serverless application. Even using split stacks, you're likely going to soon run into several issues and AWS limitations. My strongest recommendation is to split your application up into separate logical domains, and consider using a monolambda for APIs (instead of one lambda per route or per REST action). Thanks! |
+1 for this |
hi @astuyve so we've tried to add policy in serverless.yml like this:
but the only observable result for a moment is a record in function logs like this:
so can you comment on the way policy was added and this record in log? please advice |
This issue doesn't related to serverless/serverless#2508 because caused by internal SLS feature.
We have big stack with 130+ python functions migrating to SLS. All the issues with AWS limitations were solved but one persists and after some mess we found that it caused by embedded SLS log handling feature.
Please review this, confirm and fix as soon as possible because we definitely need SLS logs handling feature.
To reproduce this it will be enough 80+ functions (somewhere 74-75 actually) with enabled pro account for logs collection feature.
The only solution was to disable it with this option:
Without this option we were receiving
Maximum policy size of 10240 bytes exceeded
and it was sourced by this policy incloudformation-template-update-stack.json
Here is stack and versions:
The text was updated successfully, but these errors were encountered: