如何在AWS Lambda中运行AWS开发工具包Opsworks命令? [英] How to run AWS SDK Opsworks Commands in AWS Lambda?

问题描述

我有一个非常简单的lambda函数，尝试使用AWS开发工具包调用opsworks.describeInstances.该代码在本地可以很好地执行，但是在lambda内部，它可以超时，没有错误或反馈.

I've got a very simple lambda function trying to use the AWS SDK to call opsworks.describeInstances. The code executes locally fine, however inside lambda, it times out with no error or feedback.

var AWS = require('aws-sdk');
var opsworks = new AWS.OpsWorks({
    apiVersion: 'latest',
    region: "us-east-1"
});
exports.handler = function(event, context, callback) {
    var params = {
        LayerId: 'idoflayer'
    };
    opsworks.describeInstances(params, function(err, data) {
        if (err) {
            return callback(err);
        }
        callback(null, data);
    });
};

lambda政策是:

The lambda policy is:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "opsworks:CreateDeployment",
                "opsworks:DescribeDeployments",
                "opsworks:DescribeLayers",
                "opsworks:DescribeInstances"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

我增加了内存和超时时间.日志仅显示正在调用该函数，没有输出.对lambda函数的监视显示了调用错误，但是我认为这仅是由于超时所致.我正在us-west-2中运行此程序，但我也尝试过在us-east-1中运行此程序，同样的结果.

I've increased both memory and timeout. The logs only show that function is being called, no output. The monitoring of the lambda function shows Invocation errors, but I think this is just due to the timeout. I'm running this in us-west-2, but I've also tried running it in us-east-1, same result.

有什么想法吗?我很想使用lambda来监视和管理OpsWorks.

Any ideas? I'd love to use lambda to monitor and manage OpsWorks.

推荐答案

为了解决此问题，我删除了自定义VPC设置，因为该功能仅试图访问AWS Opsworks API.在文档中也注意到了这一点:

To solve, I just removed the custom VPC settings, since the function was only trying to access the AWS Opsworks API. Also noticed this inside the documentation:

启用VPC后，您的Lambda功能将失去默认的Internet访问.如果您需要外部Internet访问功能，请确保您的安全组允许出站连接，并且您的VPC具有NAT网关.

When you enable VPC, your Lambda function will lose default internet access. If you require external internet access for your function, ensure that your security group allows outbound connections and that your VPC has a NAT gateway.

由于Lambda捆绑了SDK，使其可以在函数内部使用，并且访问权限是由IAM策略确定的，因此您仍然需要外部访问Internet才能使用该API，这有点令人困惑.

Since Lambda bundles the SDK to be available inside functions and access is determined by IAM policies, it is a little confusing that you still need external access to the internet to use the API.

这篇关于如何在AWS Lambda中运行AWS开发工具包Opsworks命令?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！