英文:
lambda execution on s3 bucket throws gateway timeout error
问题
FAILURE SCENARIO
lambda code:
@RequestMapping(path = "/languages", method = RequestMethod.GET)
public ListBucketsResponse listLambdaLanguages() {
Region region = Region.EU_WEST_1;
S3Client s3 = S3Client.builder().region(region).build();
ListBucketsRequest listBucketsRequest = ListBucketsRequest.builder().build();
ListBucketsResponse listBucketsResponse = s3.listBuckets(listBucketsRequest);
listBucketsResponse.buckets().stream().forEach(x -> System.out.println(x.name()));
return listBucketsResponse;
}
SAM.yml
<同样的内容>
endpoint:
/languages
Output:
Mon Aug 31 14:17:40 UTC 2020 : Endpoint request body after transformations: {"resource":"/{proxy+}","path":"/languages","httpMethod":"GET","headers":null,"multiValueHeaders":null,"queryStringParameters":null,"multiValueQueryStringParameters":null,"pathParameters":{"proxy":"languages"},"stageVariables":null,"requestContext":{"resourceId":"2n2pvy","resourcePath":"/{proxy+}","httpMethod":"GET","extendedRequestId":"SI30xFwRDoEFRPA=","requestTime":"31/Aug/2020:14:17:40 +0000","path":"/{proxy+}","accountId":"XXXXXX","protocol":"HTTP/1.1","stage":"test-invoke-stage","domainPrefix":"testPrefix","requestTimeEpoch":1598883460839,"requestId":"df87b0f3-57de-45f8-9c11-d64000be3d61","identity":{"cognitoIdentityPoolId":null,"cognitoIdentityId":null,"apiKey":"test-invoke-api-key","principalOrgId":null,"cognitoAuthenticationType":null,"userArn":"arn:aws:sts::XXXXXX:assumed-role/rol-mgt-dta-administrators/aniruddha.ghosh","apiKeyId":"test-invoke-api-key-id","userAgent":"aws-internal/3 aws-sdk-java/1.11.829 Linux/4.9.217-0.1.ac.205.84.332.metal1. [TRUNCATED]
Mon Aug 31 14:17:40 UTC 2020 : Sending request to https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:eu-west-1:XXXXXX:function:ssc-mgt-dta-servicenow-la-LambdaSpringBootFunction-U14LQ9SEJQ4I/invocations
Mon Aug 31 14:17:57 UTC 2020 : Received response. Status: 200, Integration latency: 16221 ms
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response headers: {Date=Mon, 31 Aug 2020 14:17:57 GMT, Content-Type=application/json, Content-Length=143, Connection=keep-alive, x-amzn-RequestId=1c9e34f3-fa10-4db0-b825-5e40e3ac9e94, x-amzn-Remapped-Content-Length=0, X-Amz-Executed-Version=$LATEST, X-Amzn-Trace-Id=root=1-5f4d0684-a47151cdb1421b4494698ebf;sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response body before transformations: {"statusCode":502,"multiValueHeaders":{"Content-Type":["application/json"]},"body":"{\"message\":\"Gateway timeout\"}","isBase64Encoded":false}
Mon Aug 31 14:17:57 UTC 2020 : Method response body after transformations: {"message":"Gateway timeout"}
Mon Aug 31 14:17:57 UTC 2020 : Method response headers: {Content-Type=application/json, X-Amzn-Trace-Id=Root=1-5f4d0684-a47151cdb1421b4494698ebf;Sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Successfully completed execution
Mon Aug 31 14:17:57 UTC 2020 : Method completed with status: 502
Note:
this role rol-lambda-servicenow has full access on s3
英文:
I am trying to create a lambda funciton through serverless framewrok and want to expose a REST endpoint that will list all the s3 buckets in a region mentioned if the lambda gets triggered through api gateway call.
I successfully created a REST api with hard coded values as mentioned below -
SUCCESS SCENARIO
lambda code:
@RestController
public class LanguageResource {
@RequestMapping(path = "/languages", method = RequestMethod.GET)
public List<Language> listLambdaLanguages() {
return Arrays.asList(new Language("node"), new Language("java"), new Language("python"));
}
}
SAM.yml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Lambda with spring boot.
Resources:
LambdaSpringBootFunction:
Type: AWS::Serverless::Function
Properties:
Handler: com.example.test.lambda.LambdaHandler::handleRequest
Runtime: java8
CodeUri: target/spring-boot-lambda-1.0.0-SNAPSHOT.jar
MemorySize: 1512
Role: arn:aws:iam::XXXXXX:role/rol-lambda-servicenow
# Policies: AWSLambdaBasicExecutionRole
Timeout: 60
Events:
GetResource:
Type: Api
Properties:
Path: /{proxy+}
Method: any
Outputs:
LambdaSpringBootApi:
Description: URL for application
Value: !Sub 'https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Stage/languages'
Export:
Name: LambdaSpringBootApi
endpoint:
/languages
output:
Mon Aug 31 14:13:55 UTC 2020 : Endpoint request body after transformations: {"resource":"/{proxy+}","path":"/languages","httpMethod":"GET","headers":null,"multiValueHeaders":null,"queryStringParameters":null,"multiValueQueryStringParameters":null,"pathParameters":{"proxy":"languages"},"stageVariables":null,"requestContext":{"resourceId":"b04re4","resourcePath":"/{proxy+}","httpMethod":"GET","extendedRequestId":"SI3RfEFWDoEFltg=","requestTime":"31/Aug/2020:14:13:55 +0000","path":"/{proxy+}","accountId":"XXXXXX","protocol":"HTTP/1.1","stage":"test-invoke-stage","domainPrefix":"testPrefix","requestTimeEpoch":1598883235028,"requestId":"caa5dcc6-60ca-4a35-9a6b-a0f3c2a2555a","identity":{"cognitoIdentityPoolId":null,"cognitoIdentityId":null,"apiKey":"test-invoke-api-key","principalOrgId":null,"cognitoAuthenticationType":null,"userArn":"arn:aws:sts::XXXXXX:assumed-role/rol-mgt-dta-administrators/aniruddha.ghosh","apiKeyId":"test-invoke-api-key-id","userAgent":"aws-internal/3 aws-sdk-java/1.11.829 Linux/4.9.217-0.1.ac.205.84.332.metal1. [TRUNCATED]
Mon Aug 31 14:13:55 UTC 2020 : Sending request to https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:eu-west-1:XXXXXX:function:ssc-mgt-dta-servicenow-la-LambdaSpringBootFunction-DI8EHLE9ME1U/invocations
Mon Aug 31 14:14:05 UTC 2020 : Received response. Status: 200, Integration latency: 10595 ms
Mon Aug 31 14:14:05 UTC 2020 : Endpoint response headers: {Date=Mon, 31 Aug 2020 14:14:05 GMT, Content-Type=application/json, Content-Length=188, Connection=keep-alive, x-amzn-RequestId=1338096f-3eec-4bf4-bd0f-9873250b4e8b, x-amzn-Remapped-Content-Length=0, X-Amz-Executed-Version=$LATEST, X-Amzn-Trace-Id=root=1-5f4d05a3-789c6e282a4f7f92e19a77ff;sampled=0}
Mon Aug 31 14:14:05 UTC 2020 : Endpoint response body before transformations: **{"statusCode":200,"multiValueHeaders":{"Content-Type":["application/json; charset=UTF-8"]},"body":"[{\"name\":\"node\"},{\"name\":\"java\"},{\"name\":\"python\"}]","isBase64Encoded":false}**
Mon Aug 31 14:14:05 UTC 2020 : Method response body after transformations: [{"name":"node"},{"name":"java"},{"name":"python"}]
Mon Aug 31 14:14:05 UTC 2020 : Method response headers: {Content-Type=application/json; charset=UTF-8, X-Amzn-Trace-Id=Root=1-5f4d05a3-789c6e282a4f7f92e19a77ff;Sampled=0}
Mon Aug 31 14:14:05 UTC 2020 : Successfully completed execution
Mon Aug 31 14:14:05 UTC 2020 : Method completed with status: 200
However, when i try to list s3 buckets what i understood that i need to use aws s3 SDK and while used it as mentioned below it is throwing me gateway timeout error with no specific details. I am very new into these things that is why need help
FAILURE SCENARIO
lambda code:
@RequestMapping(path = "/languages", method = RequestMethod.GET)
public ListBucketsResponse listLambdaLanguages() {
Region region = Region.EU_WEST_1;
S3Client s3 = S3Client.builder().region(region).build();
ListBucketsRequest listBucketsRequest = ListBucketsRequest.builder().build();
ListBucketsResponse listBucketsResponse = s3.listBuckets(listBucketsRequest);
listBucketsResponse.buckets().stream().forEach(x -> System.out.println(x.name()));
return listBucketsResponse;
}
SAM.yml
<same>
endpoint:
/languages
Output:
Mon Aug 31 14:17:40 UTC 2020 : Endpoint request body after transformations: {"resource":"/{proxy+}","path":"/languages","httpMethod":"GET","headers":null,"multiValueHeaders":null,"queryStringParameters":null,"multiValueQueryStringParameters":null,"pathParameters":{"proxy":"languages"},"stageVariables":null,"requestContext":{"resourceId":"2n2pvy","resourcePath":"/{proxy+}","httpMethod":"GET","extendedRequestId":"SI30xFwRDoEFRPA=","requestTime":"31/Aug/2020:14:17:40 +0000","path":"/{proxy+}","accountId":"XXXXXX","protocol":"HTTP/1.1","stage":"test-invoke-stage","domainPrefix":"testPrefix","requestTimeEpoch":1598883460839,"requestId":"df87b0f3-57de-45f8-9c11-d64000be3d61","identity":{"cognitoIdentityPoolId":null,"cognitoIdentityId":null,"apiKey":"test-invoke-api-key","principalOrgId":null,"cognitoAuthenticationType":null,"userArn":"arn:aws:sts::XXXXXX:assumed-role/rol-mgt-dta-administrators/aniruddha.ghosh","apiKeyId":"test-invoke-api-key-id","userAgent":"aws-internal/3 aws-sdk-java/1.11.829 Linux/4.9.217-0.1.ac.205.84.332.metal1. [TRUNCATED]
Mon Aug 31 14:17:40 UTC 2020 : Sending request to https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:eu-west-1:XXXXXX:function:ssc-mgt-dta-servicenow-la-LambdaSpringBootFunction-U14LQ9SEJQ4I/invocations
Mon Aug 31 14:17:57 UTC 2020 : Received response. Status: 200, Integration latency: 16221 ms
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response headers: {Date=Mon, 31 Aug 2020 14:17:57 GMT, Content-Type=application/json, Content-Length=143, Connection=keep-alive, x-amzn-RequestId=1c9e34f3-fa10-4db0-b825-5e40e3ac9e94, x-amzn-Remapped-Content-Length=0, X-Amz-Executed-Version=$LATEST, X-Amzn-Trace-Id=root=1-5f4d0684-a47151cdb1421b4494698ebf;sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response body before transformations: {"statusCode":502,"multiValueHeaders":{"Content-Type":["application/json"]},"body":"{\"message\":\"Gateway timeout\"}","isBase64Encoded":false}
Mon Aug 31 14:17:57 UTC 2020 : Method response body after transformations: {"message":"Gateway timeout"}
Mon Aug 31 14:17:57 UTC 2020 : Method response headers: {Content-Type=application/json, X-Amzn-Trace-Id=Root=1-5f4d0684-a47151cdb1421b4494698ebf;Sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Successfully completed execution
Mon Aug 31 14:17:57 UTC 2020 : Method completed with status: 502
Note:
this role rol-lambda-servicenow has full access on s3
答案1
得分: 0
您的 Lambda 函数没有执行该操作的权限,因此被阻止。您可以在此处阅读更多信息:https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html
此外,请尝试在您的 AWS 控制台中访问 CloudWatch 日志组。日志应该能够清楚地告诉您有关该问题的信息。
英文:
Your lambda does not have permission to do that so it's blocked. You can read more here https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html
Also try to go to CloudWatch log groups in your AWS console. Logs should tell you clearly about that problem
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论