Search code examples
pythonamazon-s3flask-ask

Flask-ASK & Amazon S3

Trying to deploy an Alexa Skill. I have used node.js to deploy skills before, but never python. I used the Flask-ASK framework to develop the code and tested using HTTPS enpoint and ngrok. Testing the code was successful, so I'm trying to deploy. I followed the AWS instructions on zipping the python files and dependencies in the same root folder and zipping only the contents, not the folder itself. The .zip file is too large for me to upload directly to lamda (16.1 MB -- times out trying to upload) so I'm attempting to use Amazon S3 cloud services. This is very straight forward, so I don't think I'm making any mistakes on this end. Created my bucket and uploaded my zip. Input the path into lambda. This next step is where I'm not certain what is right/wrong. I have to define the lambda_handler. My only python script that was edited and created by me is titled main.py --> main.lambda_handler I'm assuming {How do I add python libraries to an AWS lambda function for Alexa?}. Alexa Developer Portal is configured correctly to the lambda function ID. I save that, build the function, switch to test, invoke the skill and I get the "There was a problem ... etc." response.

Show's root directory for zip (folder is just unzipped to show preview of contents) -- main.py file & dependences are on same folder level Show's root directory for zip (folder is just unzipped to show preview of contents) -- __main__.py file & dependences are on same folder level

Shows S3 path and upload name (it was actually uploaded - I just grabbed the picture before I uploaded a new version) Shows developer console settings[![][2]

Shows developer console settings Shows S3 path and upload name (it was actually uploaded - I just grabbed the picture before I uploaded a new version)[![][3]

Solution

  • The issue was with permissions. It was very hard to find, but the IAM role needs permissions to read from S3 (I just gave it full S3 access, but you can limit to read)

    1. Navigate to console.aws.amazon.com -> Login
    2. Scroll to Security, Identity, & Compliance
    3. Select IAM -> Roles (on left side of window)
    4. Create Role -> select Lambda as the AWS service that will use the role
    5. Attach permissions for S3 -> Add and AWSLambdaExecute and one of the following: AmazonS3ReadOnlyAccess or AmazonS3FullAccess
    6. Name the role
    7. Switch over to the Lambda console and use this role for the lambda function

    It's been a few months since I have done this. So let me know if this doesn't work for you and I'll dig back into the documentation later. But as far as I remember, this should be what you're needing.