If you want to use an event source such as Object Storage Service (OSS) to trigger function execution, you can grant the event source the permissions to trigger the execution. You can grant the permissions to a role and assign this role to different triggers. This topic describes a scenario and the procedure for granting OSS permissions to access Function Compute.
Scenario
In this example, an OSS event source is used to trigger code execution in Function Compute. For example, to trigger Function B in Function Compute after files are uploaded to OSS Bucket A, you must create an OSS event trigger and attach the required policy to the trigger. Resource Access Management (RAM) provides the AliyunOSSEventNotificationRolePolicy policy. You can use this policy to grant an OSS event trigger the permissions to trigger code execution in Function Compute. When you create an OSS event trigger, you can assign a new RAM role or an existing RAM role to the trigger, and attach the AliyunOSSEventNotificationRolePolicy policy to the RAM role.
Procedure
Log on to the Function Compute console. In the left-side navigation pane, click Services & Functions.
In the top navigation bar, select a region. On the Services page, click the desired service.
On the Functions page, click the name of the desired function. On the Function Details page that appears, click the Triggers tab.
On the Trigger Management tab, click Create Trigger. In the Create Trigger panel, set the parameters and click OK.
NoteIf you want to grant permissions to other types of triggers, perform the steps as described in this section. In the Create Trigger panel, select the desired trigger type from the Trigger Type drop-down list and configure the corresponding parameters. The event source of an HTTP trigger is created when you create an HTTP function.
Parameter
Description
Example
Trigger Type
The type of the trigger. Select OSS.
OSS
Name
The name of the trigger.
oss-trigger
Version or Alias
The version or alias of the service. The default value is LATEST. If you want to create a trigger for another version or alias, select a version or alias from the Version or Alias drop-down list on the function details page. For more information about versions and aliases, see Manage versions and Manage aliases.
LATEST
Bucket Name
The name of the OSS bucket. Select an OSS bucket from the drop-down list.
testbucket
Object Prefix
Enter the prefix of the object names that you want to match. We recommend that you configure prefixes and suffixes to avoid extra costs that are generated by nested loops. If you specify the same event type for different triggers of a bucket, the prefixes or suffixes cannot be the same. For more information, see Rules for triggering native OSS triggers.
ImportantThe object prefix cannot start with a forward slash (
/
). Otherwise, the OSS trigger cannot be triggered.source
Object Suffix
Enter the suffix of the object name that you want to match. We recommend that you configure Object Prefix and Object Suffix to avoid extra costs that are generated by function execution loops. If you specify the same event type for different triggers of a bucket, the prefixes or suffixes cannot be the same. For more information, see Rules for triggering native OSS triggers.
png
Trigger Event
The trigger event. Select one or more trigger events from the drop-down list. For more information about OSS event types, see OSS events.
In this example, oss:ObjectCreated:PutObject is selected.
oss:ObjectCreated:PutObject
Role Name
The name of the role. Select AliyunOSSEventNotificationRole.
NoteAfter you configure the preceding parameters, click OK. If this is the first time that you create a trigger of this type, click Authorize Now in the message that appears.
AliyunOSSEventNotificationRole