Lambda每次被调用时都会创建ENI:击中限制 [英] Lambda creating ENI everytime it is invoked: Hitting limit

问题描述

我的Lambda可以访问VPC上的资源，如文档所述，我已授予Lambda角色来创建网络接口.我当时以为ENI已被重用，但是每次调用似乎都在创建一个新的ENI，这会引发错误

My Lambda accesses resources on my VPC so as instructed in the documentation I've given the Lambda a role to create network interfaces. I was under the assumption that the ENI is reused but looks like every invocation is creating a new ENI which caused to throw an error

Lambda was not able to create an ENI in the VPC of the Lambda function because the limit for Network Interfaces has been reached.

Lambda was not able to create an ENI in the VPC of the Lambda function because the limit for Network Interfaces has been reached.

我搜索了google，但找不到解决此问题的最佳方法.除了定期手动删除这些ENI，还有更好的方法吗?

I searched google but couldn't find the best way to solve this issue. Apart from manually deleting these ENIs periodically is there a better way?

推荐答案

正如Mark所建议的，问题是我的AWS Lambda没有DeleteNetworkInterface 在设置lambda的角色(策略)中指定的操作.通过提供适当的策略，Lambda现在可以分离并删除ENI.

As Mark suggested, the issue was my AWS Lambda didn't have the DeleteNetworkInterface Action specified in the role(Policy) that the lambda was set to. By giving the appropriate policy the Lambda now detaches and deletes the ENI when done.

        {
            "Effect": "Allow",
            "Resource": "*",
            "Action": [
                "ec2:DescribeInstances",
                "ec2:CreateNetworkInterface",
                "ec2:AttachNetworkInterface",
                "ec2:DescribeNetworkInterfaces",
                "ec2:DeleteNetworkInterface",
                "ec2:DetachNetworkInterface",
                "ec2:ModifyNetworkInterfaceAttribute",
                "ec2:ResetNetworkInterfaceAttribute",
                "autoscaling:CompleteLifecycleAction"
            ]
        }

这篇关于Lambda每次被调用时都会创建ENI:击中限制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！