Why doesn't my Amazon S3 event notification invoke my Lambda function?

Last updated: 2021-06-15

I configured an Amazon Simple Storage Service (Amazon S3) event notification to invoke my AWS Lambda function. The function doesn't invoke when the Amazon S3 event occurs. How do I troubleshoot the issue?

Resolution

Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you’re using the most recent AWS CLI version.

Confirm that your Amazon S3 event type is configured correctly

When you configure an Amazon S3 event notification, you must specify which supported Amazon S3 event types cause Amazon S3 to send the notification. If an event type that you didn't specify occurs in your Amazon S3 bucket, then Amazon S3 doesn't send the notification.

Confirm that your object key name filters are in URL-encoded (percent-encoded) format

If your event notifications are configured to use object key name filtering, notifications are published only for objects with specific prefixes or suffixes.

If you use any of the following special characters in your prefixes or suffixes, you must enter them in URL-encoded (percent-encoded) format:

  • Parenthesis ("( )")
  • ASCII character ranges 00–1F hex (0–31 decimal) and 7F (127 decimal)
  • Dollar ("$")
  • Ampersand ("&")
  • Plus sign ("+")
  • Comma (",")
  • Colon (":")
  • Semicolon (";")
  • Equals sign ("=")
  • Question mark ("?")
  • At sign ("@")
  • Space (" ")

For example, to define the value of a prefix as "test=abc/", enter "test%3Dabc/" for its value.

Note: A wildcard character ("*") can't be used in filters as a prefix or suffix to represent any character.

For more information, see Working with object metadata.

Confirm that your Lambda function's AWS Identity and Access Management (IAM) policy has the required permissions

Check your Lambda function's resource-based policy to confirm that it allows your Amazon S3 bucket to invoke the function. If it doesn't, add the required permissions by following the instructions in Granting function access to AWS services.

For more information, see AWS Lambda permissions.

Note: When you add a new event notification using the Amazon S3 console, the required permissions are added to your function's policy automatically. If you use the put-bucket-notification-configuration action in the AWS CLI to add an event notification, your function's policy isn't updated automatically.

Confirm that your Lambda function is configured to handle concurrent invocations from Amazon S3 event notifications

Your Lambda function must be configured to handle concurrent invocations from Amazon S3 event notifications. If invocation requests arrive faster than your function can scale, or your function is at maximum concurrency, then Lambda throttles the requests.

For more information, see Asynchronous invocation and AWS Lambda function scaling.