无法使用功能中的node_modules中的aws lambda层共享库 [英] aws lambda layer shared library in node_modules not accesible in function
问题描述
我最近更改了lambda函数,以使用新的aws Lambda Layer功能来共享所有的node_modules文件夹.我使用以下结构创建了zip:
I recently changed my lambda functions to use the new aws Lambda Layer functionality, to share all the node_modules folder. I created the zip with the following structure:
nodejs/node_modules/<libraries, like 'async' and others..>
nodejs/package.json
我还将lambda函数链接到该层,并且该函数成功(在CLI和Web控制台中均已选中),请参见下面的输出. 但无论如何,lambda函数始终会在需要时失败:
I also linked the lambda function to the layer, and it succeed (checked both in the CLI and in the web console), see output below.. but anyway, always the lambda function fails on the require:
in lambda: require('async')
output: "errorMessage":"Cannot find module 'async'"
更新功能调用的输出:
aws lambda update-function-configuration --function-name MY_LAMBDA --layers arn:aws:lambda:us-west-2:MY_ID:layer:MY_LAYER:4
{
"Layers": [
{
"CodeSize": 21482560,
"Arn": "arn:aws:lambda:us-west-2:MY_ID:layer:MY_LAYER:4"
}
],
"FunctionName": "MY_LAMBDA",
"LastModified": "2018-12-18T23:44:34.062+0000",
"RevisionId": "f55a6ab7-7b0b-494a-840c-87fb8371a117",
"MemorySize": 128,
"Version": "$LATEST",
"Role": "arn:aws:iam::MY_ID:role/service-role/MY_ROLE",
"Timeout": 30,
"Runtime": "nodejs4.3",
"TracingConfig": {
"Mode": "PassThrough"
},
"CodeSha256": "hajYdqb+...=",
"Description": "",
"VpcConfig": { ... lot of stuff here .. },
"CodeSize": 429123,
"FunctionArn": "arn:aws:lambda:MY_ZONE:MY_ID:function:MY_LAMBDA",
"Handler": "MY_HANDLER"
}
注释: 1.我的图层在版本4中. 2.我将层设置为所有三个node.js环境以提供支持. 3.我检查了zip,它具有预期的所有node_modules内容.
notes: 1. my layer is in version 4. 2. I set the layer to all three node.js environments for support. 3. I checked the zip and it has all the node_modules content as expected.
欢迎您提出关于其他检查内容的任何建议!
any suggestion about what else to check is welcomed!
推荐答案
您可以正确创建图层及其版本,也可以毫无问题地检索有关图层的信息.
You able to create the Layer and it's version properly and also able to retrieve information about them without any issues.
即使在Lambda函数无法使用图层中的库之后,Lambda函数似乎也无法访问图层,因为它没有权限.
Even after that Lambda function is not able to use the libraries from the Layer, looks like the Lambda function is not able to access the Layer because it does not have the permission to do so.
您可以通过检查与Lambda关联的角色是否附加了任何允许lambda:GetLayerVersion权限的策略来确认这一点.
You can confirm this by checking if the role associated with the Lambda is having any policy attached to it which allows lambda:GetLayerVersion permission.
如果不是,则需要使用以下JSON和一些有意义的名称来创建新策略.
If not you need to create a new policy with following JSON and some meaningful name.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "lambda:GetLayerVersion",
"Resource": "*"
}
]
}
现在,您需要将此策略附加到与Lambda函数关联的角色arn:aws:iam::MY_ID:role/service-role/MY_ROLE.
Now you need to add attach this policy to the role arn:aws:iam::MY_ID:role/service-role/MY_ROLE which associated with the Lambda function.
以上两项操作均可在AWS控制台中执行.
Both of the above actions can be performed from AWS Console.
完成此操作后,Lambda函数将具有获取图层版本的权限,并且应该能够从图层访问库.
Once this is done, the Lambda function will have permission to get the layer version and should be able access the libraries from the Layer.
我希望这可以帮助您解决问题.随时询问您是否需要任何澄清.
I hope this would help you resolve your issue. Feel free to ask if you need any clarifications.
这篇关于无法使用功能中的node_modules中的aws lambda层共享库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
