Lambda在S3存储桶上的执行引发网关超时错误。

huangapple go评论83阅读模式
英文:

lambda execution on s3 bucket throws gateway timeout error

问题

FAILURE SCENARIO
lambda code:

@RequestMapping(path = "/languages", method = RequestMethod.GET)
public ListBucketsResponse listLambdaLanguages() {

    Region region = Region.EU_WEST_1;
    S3Client s3 = S3Client.builder().region(region).build();
    
    ListBucketsRequest listBucketsRequest = ListBucketsRequest.builder().build();
    ListBucketsResponse listBucketsResponse = s3.listBuckets(listBucketsRequest);
    listBucketsResponse.buckets().stream().forEach(x -> System.out.println(x.name()));

    return listBucketsResponse;
}

SAM.yml

<同样的内容>

endpoint:

/languages

Output:

Mon Aug 31 14:17:40 UTC 2020 : Endpoint request body after transformations: {"resource":"/{proxy+}","path":"/languages","httpMethod":"GET","headers":null,"multiValueHeaders":null,"queryStringParameters":null,"multiValueQueryStringParameters":null,"pathParameters":{"proxy":"languages"},"stageVariables":null,"requestContext":{"resourceId":"2n2pvy","resourcePath":"/{proxy+}","httpMethod":"GET","extendedRequestId":"SI30xFwRDoEFRPA=","requestTime":"31/Aug/2020:14:17:40 +0000","path":"/{proxy+}","accountId":"XXXXXX","protocol":"HTTP/1.1","stage":"test-invoke-stage","domainPrefix":"testPrefix","requestTimeEpoch":1598883460839,"requestId":"df87b0f3-57de-45f8-9c11-d64000be3d61","identity":{"cognitoIdentityPoolId":null,"cognitoIdentityId":null,"apiKey":"test-invoke-api-key","principalOrgId":null,"cognitoAuthenticationType":null,"userArn":"arn:aws:sts::XXXXXX:assumed-role/rol-mgt-dta-administrators/aniruddha.ghosh","apiKeyId":"test-invoke-api-key-id","userAgent":"aws-internal/3 aws-sdk-java/1.11.829 Linux/4.9.217-0.1.ac.205.84.332.metal1. [TRUNCATED]
Mon Aug 31 14:17:40 UTC 2020 : Sending request to https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:eu-west-1:XXXXXX:function:ssc-mgt-dta-servicenow-la-LambdaSpringBootFunction-U14LQ9SEJQ4I/invocations
Mon Aug 31 14:17:57 UTC 2020 : Received response. Status: 200, Integration latency: 16221 ms
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response headers: {Date=Mon, 31 Aug 2020 14:17:57 GMT, Content-Type=application/json, Content-Length=143, Connection=keep-alive, x-amzn-RequestId=1c9e34f3-fa10-4db0-b825-5e40e3ac9e94, x-amzn-Remapped-Content-Length=0, X-Amz-Executed-Version=$LATEST, X-Amzn-Trace-Id=root=1-5f4d0684-a47151cdb1421b4494698ebf;sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response body before transformations: {"statusCode":502,"multiValueHeaders":{"Content-Type":["application/json"]},"body":"{\"message\":\"Gateway timeout\"}","isBase64Encoded":false}
Mon Aug 31 14:17:57 UTC 2020 : Method response body after transformations: {"message":"Gateway timeout"}
Mon Aug 31 14:17:57 UTC 2020 : Method response headers: {Content-Type=application/json, X-Amzn-Trace-Id=Root=1-5f4d0684-a47151cdb1421b4494698ebf;Sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Successfully completed execution
Mon Aug 31 14:17:57 UTC 2020 : Method completed with status: 502

Note:

this role rol-lambda-servicenow has full access on s3

英文:

I am trying to create a lambda funciton through serverless framewrok and want to expose a REST endpoint that will list all the s3 buckets in a region mentioned if the lambda gets triggered through api gateway call.
I successfully created a REST api with hard coded values as mentioned below -

SUCCESS SCENARIO

lambda code:

@RestController
public class LanguageResource {

    @RequestMapping(path = &quot;/languages&quot;, method = RequestMethod.GET)
    public List&lt;Language&gt; listLambdaLanguages() {
        return Arrays.asList(new Language(&quot;node&quot;), new Language(&quot;java&quot;), new Language(&quot;python&quot;));
    }

}

SAM.yml

AWSTemplateFormatVersion: &#39;2010-09-09&#39;
Transform: AWS::Serverless-2016-10-31
Description: Lambda with spring boot.

Resources:
  LambdaSpringBootFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: com.example.test.lambda.LambdaHandler::handleRequest
      Runtime: java8
      CodeUri: target/spring-boot-lambda-1.0.0-SNAPSHOT.jar
      MemorySize: 1512
      Role: arn:aws:iam::XXXXXX:role/rol-lambda-servicenow
#      Policies: AWSLambdaBasicExecutionRole
      Timeout: 60
      Events:
        GetResource:
          Type: Api
          Properties:
            Path: /{proxy+}
            Method: any

Outputs:
  LambdaSpringBootApi:
    Description: URL for application
    Value: !Sub &#39;https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Stage/languages&#39;
    Export:
      Name: LambdaSpringBootApi

endpoint:

/languages

output:

Mon Aug 31 14:13:55 UTC 2020 : Endpoint request body after transformations: {&quot;resource&quot;:&quot;/{proxy+}&quot;,&quot;path&quot;:&quot;/languages&quot;,&quot;httpMethod&quot;:&quot;GET&quot;,&quot;headers&quot;:null,&quot;multiValueHeaders&quot;:null,&quot;queryStringParameters&quot;:null,&quot;multiValueQueryStringParameters&quot;:null,&quot;pathParameters&quot;:{&quot;proxy&quot;:&quot;languages&quot;},&quot;stageVariables&quot;:null,&quot;requestContext&quot;:{&quot;resourceId&quot;:&quot;b04re4&quot;,&quot;resourcePath&quot;:&quot;/{proxy+}&quot;,&quot;httpMethod&quot;:&quot;GET&quot;,&quot;extendedRequestId&quot;:&quot;SI3RfEFWDoEFltg=&quot;,&quot;requestTime&quot;:&quot;31/Aug/2020:14:13:55 +0000&quot;,&quot;path&quot;:&quot;/{proxy+}&quot;,&quot;accountId&quot;:&quot;XXXXXX&quot;,&quot;protocol&quot;:&quot;HTTP/1.1&quot;,&quot;stage&quot;:&quot;test-invoke-stage&quot;,&quot;domainPrefix&quot;:&quot;testPrefix&quot;,&quot;requestTimeEpoch&quot;:1598883235028,&quot;requestId&quot;:&quot;caa5dcc6-60ca-4a35-9a6b-a0f3c2a2555a&quot;,&quot;identity&quot;:{&quot;cognitoIdentityPoolId&quot;:null,&quot;cognitoIdentityId&quot;:null,&quot;apiKey&quot;:&quot;test-invoke-api-key&quot;,&quot;principalOrgId&quot;:null,&quot;cognitoAuthenticationType&quot;:null,&quot;userArn&quot;:&quot;arn:aws:sts::XXXXXX:assumed-role/rol-mgt-dta-administrators/aniruddha.ghosh&quot;,&quot;apiKeyId&quot;:&quot;test-invoke-api-key-id&quot;,&quot;userAgent&quot;:&quot;aws-internal/3 aws-sdk-java/1.11.829 Linux/4.9.217-0.1.ac.205.84.332.metal1. [TRUNCATED]
Mon Aug 31 14:13:55 UTC 2020 : Sending request to https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:eu-west-1:XXXXXX:function:ssc-mgt-dta-servicenow-la-LambdaSpringBootFunction-DI8EHLE9ME1U/invocations
Mon Aug 31 14:14:05 UTC 2020 : Received response. Status: 200, Integration latency: 10595 ms
Mon Aug 31 14:14:05 UTC 2020 : Endpoint response headers: {Date=Mon, 31 Aug 2020 14:14:05 GMT, Content-Type=application/json, Content-Length=188, Connection=keep-alive, x-amzn-RequestId=1338096f-3eec-4bf4-bd0f-9873250b4e8b, x-amzn-Remapped-Content-Length=0, X-Amz-Executed-Version=$LATEST, X-Amzn-Trace-Id=root=1-5f4d05a3-789c6e282a4f7f92e19a77ff;sampled=0}
Mon Aug 31 14:14:05 UTC 2020 : Endpoint response body before transformations: **{&quot;statusCode&quot;:200,&quot;multiValueHeaders&quot;:{&quot;Content-Type&quot;:[&quot;application/json; charset=UTF-8&quot;]},&quot;body&quot;:&quot;[{\&quot;name\&quot;:\&quot;node\&quot;},{\&quot;name\&quot;:\&quot;java\&quot;},{\&quot;name\&quot;:\&quot;python\&quot;}]&quot;,&quot;isBase64Encoded&quot;:false}**
Mon Aug 31 14:14:05 UTC 2020 : Method response body after transformations: [{&quot;name&quot;:&quot;node&quot;},{&quot;name&quot;:&quot;java&quot;},{&quot;name&quot;:&quot;python&quot;}]
Mon Aug 31 14:14:05 UTC 2020 : Method response headers: {Content-Type=application/json; charset=UTF-8, X-Amzn-Trace-Id=Root=1-5f4d05a3-789c6e282a4f7f92e19a77ff;Sampled=0}
Mon Aug 31 14:14:05 UTC 2020 : Successfully completed execution
Mon Aug 31 14:14:05 UTC 2020 : Method completed with status: 200

However, when i try to list s3 buckets what i understood that i need to use aws s3 SDK and while used it as mentioned below it is throwing me gateway timeout error with no specific details. I am very new into these things that is why need help

FAILURE SCENARIO
lambda code:

@RequestMapping(path = &quot;/languages&quot;, method = RequestMethod.GET)
    public ListBucketsResponse listLambdaLanguages() {

        Region region = Region.EU_WEST_1;
        S3Client s3 = S3Client.builder().region(region).build();
        
        ListBucketsRequest listBucketsRequest = ListBucketsRequest.builder().build();
        ListBucketsResponse listBucketsResponse = s3.listBuckets(listBucketsRequest);
        listBucketsResponse.buckets().stream().forEach(x -&gt; System.out.println(x.name()));

        return listBucketsResponse;
    }

SAM.yml
<same>

endpoint:

/languages

Output:

Mon Aug 31 14:17:40 UTC 2020 : Endpoint request body after transformations: {&quot;resource&quot;:&quot;/{proxy+}&quot;,&quot;path&quot;:&quot;/languages&quot;,&quot;httpMethod&quot;:&quot;GET&quot;,&quot;headers&quot;:null,&quot;multiValueHeaders&quot;:null,&quot;queryStringParameters&quot;:null,&quot;multiValueQueryStringParameters&quot;:null,&quot;pathParameters&quot;:{&quot;proxy&quot;:&quot;languages&quot;},&quot;stageVariables&quot;:null,&quot;requestContext&quot;:{&quot;resourceId&quot;:&quot;2n2pvy&quot;,&quot;resourcePath&quot;:&quot;/{proxy+}&quot;,&quot;httpMethod&quot;:&quot;GET&quot;,&quot;extendedRequestId&quot;:&quot;SI30xFwRDoEFRPA=&quot;,&quot;requestTime&quot;:&quot;31/Aug/2020:14:17:40 +0000&quot;,&quot;path&quot;:&quot;/{proxy+}&quot;,&quot;accountId&quot;:&quot;XXXXXX&quot;,&quot;protocol&quot;:&quot;HTTP/1.1&quot;,&quot;stage&quot;:&quot;test-invoke-stage&quot;,&quot;domainPrefix&quot;:&quot;testPrefix&quot;,&quot;requestTimeEpoch&quot;:1598883460839,&quot;requestId&quot;:&quot;df87b0f3-57de-45f8-9c11-d64000be3d61&quot;,&quot;identity&quot;:{&quot;cognitoIdentityPoolId&quot;:null,&quot;cognitoIdentityId&quot;:null,&quot;apiKey&quot;:&quot;test-invoke-api-key&quot;,&quot;principalOrgId&quot;:null,&quot;cognitoAuthenticationType&quot;:null,&quot;userArn&quot;:&quot;arn:aws:sts::XXXXXX:assumed-role/rol-mgt-dta-administrators/aniruddha.ghosh&quot;,&quot;apiKeyId&quot;:&quot;test-invoke-api-key-id&quot;,&quot;userAgent&quot;:&quot;aws-internal/3 aws-sdk-java/1.11.829 Linux/4.9.217-0.1.ac.205.84.332.metal1. [TRUNCATED]
Mon Aug 31 14:17:40 UTC 2020 : Sending request to https://lambda.eu-west-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:eu-west-1:XXXXXX:function:ssc-mgt-dta-servicenow-la-LambdaSpringBootFunction-U14LQ9SEJQ4I/invocations
Mon Aug 31 14:17:57 UTC 2020 : Received response. Status: 200, Integration latency: 16221 ms
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response headers: {Date=Mon, 31 Aug 2020 14:17:57 GMT, Content-Type=application/json, Content-Length=143, Connection=keep-alive, x-amzn-RequestId=1c9e34f3-fa10-4db0-b825-5e40e3ac9e94, x-amzn-Remapped-Content-Length=0, X-Amz-Executed-Version=$LATEST, X-Amzn-Trace-Id=root=1-5f4d0684-a47151cdb1421b4494698ebf;sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Endpoint response body before transformations: {&quot;statusCode&quot;:502,&quot;multiValueHeaders&quot;:{&quot;Content-Type&quot;:[&quot;application/json&quot;]},&quot;body&quot;:&quot;{\&quot;message\&quot;:\&quot;Gateway timeout\&quot;}&quot;,&quot;isBase64Encoded&quot;:false}
Mon Aug 31 14:17:57 UTC 2020 : Method response body after transformations: {&quot;message&quot;:&quot;Gateway timeout&quot;}
Mon Aug 31 14:17:57 UTC 2020 : Method response headers: {Content-Type=application/json, X-Amzn-Trace-Id=Root=1-5f4d0684-a47151cdb1421b4494698ebf;Sampled=0}
Mon Aug 31 14:17:57 UTC 2020 : Successfully completed execution
Mon Aug 31 14:17:57 UTC 2020 : Method completed with status: 502

Note:

this role rol-lambda-servicenow has full access on s3

答案1

得分: 0

您的 Lambda 函数没有执行该操作的权限,因此被阻止。您可以在此处阅读更多信息:https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html

此外,请尝试在您的 AWS 控制台中访问 CloudWatch 日志组。日志应该能够清楚地告诉您有关该问题的信息。

英文:

Your lambda does not have permission to do that so it's blocked. You can read more here https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html

Also try to go to CloudWatch log groups in your AWS console. Logs should tell you clearly about that problem

huangapple
  • 本文由 发表于 2020年8月31日 22:35:18
  • 转载请务必保留本文链接:https://go.coder-hub.com/63672852.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定