在将Lambda代码资产上传到s3后如何保持可执行文件

I used aws-cdk to deploy a lambda function with runtime go1.x, but failed to get the function worked normally. It reported an error "Permission Denied. PathError".

After some trouble-shooting, I think it is because of lack of executive mode in the s3 binary linked to lamdba after being compressed and uploaded.

Here is what I found and hope if anyone could help me with this issue.

  1. The CloudFormation Stack itself is successfully created.
  2. go binary for lambda is compiled with
GOARCH=amd64 GOOS=linux go build -o handler main.go

And it has -rwxr-xr-x.

  1. I tried to check the s3 asset file mode by downloading it and unzip-ing it. It has -rw-r--r--. In addition, I also checked the mode of cdk.out/asset.373ce8ec6../handler, and it has -rwxr-xr-x.
  2. I couldn't figure out why executive mode disappears after the file was uploaded to s3.
  3. To solve the problem, I added "chmod +x" to the unzipped binary, re- compress and upload it to s3, and link the new s3 url to the lambda function, it works well this time.

I use aws-cdk typescript to deploy and here is the script to generate lambda function.

    const eventFunc = new lambda.Function(this, 'TestFunction', {
      handler: 'handler',
      runtime: lambda.Runtime.GO_1_X,
      code: lambda.Code.asset('./dist'),
    })

As a workaround, I compress go binary manually and change the cdk typescript as follows.

    const fasset = new s3asset.Asset(this, 'AssetForwarder', {
      path: './dist/handler.zip',
    })

    const eventFunc = new lambda.Function(this, 'TestFunction', {
      handler: 'handler',
      runtime: lambda.Runtime.GO_1_X,
      code: lambda.Code.bucket(fasset.bucket, fasset.s3ObjectKey),
    })

It works but I don't like this workaround since I have to prepare an extra compress script and run it before cdk deploy every time.

I really want to know if there is any clean and tide way in aws-cdk to handle golang lambda functions.