AWS troubleshooting - Lamba deployment package file permissions

When creating your own Lambda deployment packages be aware of the permissions on the files before zipping them. Lambda requires the files to have read access for all users, particularly "other", if this is missing you will receive a non-obvious error when trying to call the function. The fix is simple enough, perform a 'chmod a+r *' before creating your zip file. If the code is visible in the inline editor adding an empty line and saving will also fix the problem, presumably by overwriting the file with the correct permissions.

Below are some examples of errors you will see in the various languages if read permissions are missing. Hopefully this post will have saved you some time debugging.

Java CloudWatch logs:

--

Class not found: example.Hello: class java.lang.ClassNotFoundException

java.lang.ClassNotFoundException: example.Hello

at java.net.URLClassLoader$1.run(URLClassLoader.java:370)

at java.net.URLClassLoader$1.run(URLClassLoader.java:362)

at java.security.AccessController.doPrivileged(Native Method)

at java.net.URLClassLoader.findClass(URLClassLoader.java:361)

at java.lang.ClassLoader.loadClass(ClassLoader.java:424)

at java.lang.ClassLoader.loadClass(ClassLoader.java:357)

at java.lang.Class.forName0(Native Method)

at java.lang.Class.forName(Class.java:348)

Caused by: java.io.FileNotFoundException: /var/task/example/Hello.class (Permission denied)

at java.io.FileInputStream.open0(Native Method)

at java.io.FileInputStream.open(FileInputStream.java:195)

at java.io.FileInputStream.<init>(FileInputStream.java:138)

at sun.misc.URLClassPath$FileLoader$1.getInputStream(URLClassPath.java:1251)

at sun.misc.Resource.cachedInputStream(Resource.java:77)

at sun.misc.Resource.getByteBuffer(Resource.java:160)

at java.net.URLClassLoader.defineClass(URLClassLoader.java:454)

at java.net.URLClassLoader.access$100(URLClassLoader.java:73)

at java.net.URLClassLoader$1.run(URLClassLoader.java:368)

... 7 more

--

Java execution result (testing from console):

{

  "errorMessage": "Class not found: example.Hello",

  "errorType": "class java.lang.ClassNotFoundException"

}

Python CloudWatch logs:

--

Unable to import module 'python-hi': No module named python-hi

--

Python execution result (testing from console):

{

  "errorMessage": "Unable to import module 'python-hi'"

}

Node CloudWatch logs:

--

module initialization error: Error

    at Error (native)

    at Object.fs.openSync (fs.js:549:18)

    at Object.fs.readFileSync (fs.js:397:15)

    at Object.Module._extensions..js (module.js:415:20)

    at Module.load (module.js:343:32)

    at Function.Module._load (module.js:300:12)

    at Module.require (module.js:353:17)

    at require (internal/module.js:12:17)

--

Node execution result (testing from console):

{

  "errorMessage": "EACCES: permission denied, open '/var/task/node-hi.js'",

  "errorType": "Error",

  "stackTrace": [

    "Object.fs.openSync (fs.js:549:18)",

    "Object.fs.readFileSync (fs.js:397:15)",

    "Object.Module._extensions..js (module.js:415:20)",

    "Module.load (module.js:343:32)",

    "Function.Module._load (module.js:300:12)",

    "Module.require (module.js:353:17)",

    "require (internal/module.js:12:17)"

  ]

}