If you want to use an event source such as Object Storage Service (OSS) to trigger function execution, you can grant the event source the permissions to trigger the execution. You can grant the permissions to the role of each trigger, and assign this role to different triggers. This topic describes the scenarios and procedure on how to grant permissions to an event source to access Function Compute. In this topic, the OSS event source is used as an example to access Function Compute.

Scenario

In this example, an OSS event source is used to trigger code execution in Function Compute. If you want to trigger function B in Function Compute after you upload files to OSS bucket A, you must create an OSS event trigger and then attach the required policy to the trigger. Resource Access Management (RAM) provides the AliyunOSSEventNotificationRole policy. You can use this policy to grant an OSS event trigger the permissions to trigger code execution in Function Compute. When you create an OSS event trigger, you can assign a new RAM role or an existing RAM role to the trigger, and attach the AliyunOSSEventNotificationRole policy to the RAM role. Then, you can use the OSS event trigger to trigger code execution in Function Compute. buhuoshijianyuanfangshujisuan

Procedure

  1. Log on to the Function Compute console.
  2. In the left-side navigation pane, click Services & Functions.
  3. In the top navigation bar, select a region.
  4. On the Services page, find the desired service and click Functions in the Actions column.
  5. On the Functions page, click the function that you want to modify.
  6. On the function details page, click the Triggers tab, select the version or alias from the Version or Alias drop-down list, and then click Create Trigger.
  7. In the Create Trigger panel, specify related parameters. After you specify the parameters, click OK.
    Note If you want to grant permissions to other types of triggers, perform the steps as described in this section. You only need to select a trigger type based on your business requirements. The event source of an HTTP trigger is created when you create an HTTP function.
    ParameterDescriptionExample
    Trigger TypeThe type of the trigger. Select OSS. OSS
    Function NameEnter a trigger name. oss-trigger
    Version or AliasThe version or alias of the service. The default value is LATEST. If you want to create a trigger for another version or alias, select a version or alias from the Version or Alias drop-down list on the function details page. For more information about versions and aliases of a service, see Manage versions and Manage aliases. LATEST
    Bucket NameSelect an OSS bucket. bucket-zh****
    Object PrefixEnter the prefix of the object name that you want to match. We recommend that you configure prefixes and suffixes to avoid additional costs of nested loops. If you specify the same event type for different triggers of a bucket, the prefixes or suffixes cannot be repeated. For more information, see Trigger rules.
    Important The object prefix cannot start with a forward slash (/).
    		source
    Object SuffixEnter the suffix of the object name that you want to match. We recommend that you configure prefixes and suffixes to avoid additional costs of nested loops. If you specify the same event type for different triggers of a bucket, the prefixes or suffixes cannot be repeated. For more information, see Trigger rules. zip
    Trigger EventSelect one or more trigger events. For more information about Object Storage Service (OSS) event types, see OSS events.

    In this example, oss:ObjectCreated:PutObject is selected.

    		oss:ObjectCreated:PutObject
    RAM Role NameThe name of the role. Select AliyunOSSEventNotificationRole.
    Note After you configure the preceding parameters, click OK. If this is the first time that you create a trigger of this type, click Authorize Now in the message that appears.
    		AliyunOSSEventNotificationRole
  8. Click OK.