To use an event source such as Object Storage Service (OSS) to trigger function execution, you must grant the event source permission to invoke your function. Permissions are granted through a RAM role attached to the trigger—the same role can be reused across multiple triggers.
How it works
When an event occurs in OSS (for example, a file upload), OSS calls Function Compute on your behalf using a Resource Access Management (RAM) role. That role must have the AliyunOSSEventNotificationRolePolicy policy attached. Without this policy, OSS cannot invoke your function.
When you create an OSS trigger, you assign a RAM role to it. Function Compute uses that role's permissions to allow OSS to call the function.
Prerequisites
Before you begin, make sure you have:
A Function Compute service and function
An OSS bucket
Create an OSS trigger with the required permissions
Log on to the Function Compute console. In the left-side navigation pane, click Services & Functions.
In the top navigation bar, select a region. On the Services page, click the target service.
On the Functions page, click the name of the target function. On the Function Details page, click the Triggers tab.
On the Trigger Management tab, click Create Trigger.
In the Create Trigger panel, configure the following parameters and click OK.
If this is the first time you are creating an OSS trigger, a prompt appears after you click OK. Click Authorize Now to complete the authorization.
To grant permissions to other trigger types, follow the same steps and select the appropriate trigger type from the Trigger Type drop-down list. The event source for HTTP triggers is created when you create an HTTP function, not through the Create Trigger panel.
Parameter Description Example Trigger Type The type of trigger. Select OSS. OSS Name The name of the trigger. oss-trigger Version or Alias The service version or alias to associate with the trigger. Defaults to LATEST. To target a different version or alias, select one from the Version or Alias drop-down list on the function details page. For details, see Manage versions and Manage aliases. LATEST Bucket Name The OSS bucket to watch for events. Select a bucket from the drop-down list. testbucket Object Prefix The prefix that object names must match to trigger the function. We recommend that you configure prefixes and suffixes to avoid extra costs that are generated by nested loops. If you specify the same event type for different triggers of a bucket, the prefixes or suffixes cannot be the same. For matching rules, see Rules for triggering native OSS triggers. ImportantThe prefix cannot start with
/; otherwise, the OSS trigger cannot be triggered.source Object Suffix The suffix that object names must match to trigger the function. We recommend that you configure both Object Prefix and Object Suffix to avoid extra costs that are generated by function execution loops. If you specify the same event type for different triggers of a bucket, the prefixes or suffixes cannot be the same. For matching rules, see Rules for triggering native OSS triggers. png Trigger Event The OSS event types that activate the trigger. Select one or more events. For a full list of event types, see OSS events. oss:ObjectCreated:PutObject Role Name The RAM role that authorizes OSS to invoke Function Compute. Select AliyunOSSEventNotificationRole. This role uses the AliyunOSSEventNotificationRolePolicypolicy.AliyunOSSEventNotificationRole