Reputation: 299
I'm trying to use the AWS Parameters and Secrets Lambda Extension. From the documentation, it looks straightforward: just send a GET request to localhost:2773 and attach the AWS session token as a header. I tried that, but it gave me "not ready to serve traffic, please wait".
The weird thing is that, above that, I can already see that the server is actually ready to serve traffic:
    [AWS Parameters and Secrets Lambda Extension] 2023/03/03 08:05:50 INFO ready to serve traffic
My code is in Golang:
    // Using Lambda Extensions to get SSM Parameters and Secrets Manager env vars
    func LoadEnvVarsFromLambdaExtension() {
        paramsSecretsExtensionHttpPort := utils.GetEnv("PARAMETERS_SECRETS_EXTENSION_HTTP_PORT", "2773")
        awsSessionToken := utils.GetEnv("AWS_SESSION_TOKEN", "")
        ssmParamsUrl := "http://localhost:" + paramsSecretsExtensionHttpPort + "/systemsmanager/parameters/get?name="
        urlWithDecryption := "&withDecryption=true"
        secretsUrl := "http://localhost:" + paramsSecretsExtensionHttpPort + "/secretsmanager/get?secretId="

        // The env vars hold the SSM parameter paths / secret ARN, not the values themselves
        internalApiTokenSSMPath := utils.GetEnv("INTERNAL_API_TOKEN", "")
        jwtSecretSSMPath := utils.GetEnv("JWT_SECRET", "")
        redisSecretPath := utils.GetEnv("REDIS_SECRETS_ARN", "")

        internalApiTokenGetUrl := ssmParamsUrl + internalApiTokenSSMPath + urlWithDecryption
        jwtSecretGetUrl := ssmParamsUrl + jwtSecretSSMPath + urlWithDecryption
        redisGetUrl := secretsUrl + redisSecretPath

        EnvSettings.InternalAPIToken, _ = httpGet(internalApiTokenGetUrl, awsSessionToken)
        EnvSettings.JwtSecret, _ = httpGet(jwtSecretGetUrl, awsSessionToken)
        EnvSettings.RedisSecret, _ = httpGet(redisGetUrl, awsSessionToken)
    }

    // http GET request with headers
    func httpGet(url string, awsSessionToken string) (string, error) {
        req, err := http.NewRequest("GET", url, nil)
        if err != nil {
            log.Error(errors.Wrap(err, "Error creating request"))
            return "", err
        }
        req.Header.Set("X-Aws-Parameters-Secrets-Token", awsSessionToken)
        client := &http.Client{
            Timeout: time.Second * 10,
        }
        resp, err := client.Do(req)
        if err != nil {
            log.Error(errors.Wrap(err, "Error sending request"))
            // resp is nil on error, so resp.Body.Close() below would panic
            return "", err
        }
        defer resp.Body.Close()
        body, err := ioutil.ReadAll(resp.Body)
        if err != nil {
            log.Error(errors.Wrap(err, "Error reading body"))
            return "", err
        }
        return string(body), nil
    }
And I kinda just run it in the main function, to set it up first:
    func main() {
        lambdaUtils.LoadEnvVarsFromLambdaExtension()
        lambda.Start(HandleRequestTest)
    }

    func HandleRequestTest(ctx context.Context) (string, error) {
        fmt.Println(lambdaUtils.EnvSettings.InternalAPIToken)
        fmt.Println(lambdaUtils.EnvSettings.JwtSecret)
        fmt.Println(lambdaUtils.EnvSettings.RedisSecret)
        return lambdaUtils.EnvSettings.RedisSecret, nil
    }
Any help would be great. Thank you.
Upvotes: 8
Views: 2729
Reputation: 299
Never mind. I was just being silly: the invocation is before the Lambda handler, so the Lambda extension is obviously not ready when I try to load from it.
It should be:
    func HandleRequestTest(ctx context.Context) (string, error) {
        lambdaUtils.LoadEnvVarsFromLambdaExtension()
        fmt.Println(lambdaUtils.EnvSettings.InternalAPIToken)
        fmt.Println(lambdaUtils.EnvSettings.JwtSecret)
        fmt.Println(lambdaUtils.EnvSettings.RedisSecret)
        return lambdaUtils.EnvSettings.RedisSecret, nil
    }
But actually, this does not solve my problem of getting the params and Secrets Manager secrets, since my Lambda is inside a VPC, which cannot get internet access unless I provision a NAT Gateway.
Upvotes: 7
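An added example, not code from the posts above: the httpGet in the question returns whatever body comes back, so a "not ready to serve traffic, please wait" reply would be stored as the JWT secret. This sketch retries until the extension answers 200 and only then takes the value from the `Parameter.Value` field of the GetParameter-shaped JSON reply. The helper name getParameter, the stub server, its 400 status and all sample values are assumptions constructed for the demonstration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"time"
)

// getParameter (hypothetical helper) returns one decrypted SSM parameter, or an error.
func getParameter(base, token, name string, tries int, wait time.Duration) (string, error) {
	req, err := http.NewRequest("GET", base+"/systemsmanager/parameters/get?withDecryption=true&name="+url.QueryEscape(name), nil)
	if err != nil {
		return "", err
	}
	req.Header.Set("X-Aws-Parameters-Secrets-Token", token)
	client := &http.Client{Timeout: 10 * time.Second}
	for i := 1; ; i++ {
		resp, err := client.Do(req)
		if err == nil {
			var out struct{ Parameter struct{ Value string } }
			decErr := json.NewDecoder(resp.Body).Decode(&out)
			resp.Body.Close()
			if resp.StatusCode == http.StatusOK && decErr == nil && out.Parameter.Value != "" {
				return out.Parameter.Value, nil
			}
			err = fmt.Errorf("extension replied with status %d", resp.StatusCode) // body is never used as a value
		}
		if i >= tries {
			return "", err
		}
		time.Sleep(wait)
	}
}

func main() {
	calls := 0 // constructed stub: not ready for the first two calls (400 is an assumption)
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if calls++; calls <= 2 {
			http.Error(w, "not ready to serve traffic, please wait", http.StatusBadRequest)
			return
		}
		fmt.Fprint(w, `{"Parameter":{"Value":"constructed-value"}}`)
	}))
	defer srv.Close()
	v, err := getParameter(srv.URL, "constructed-token", "/app/jwt-secret", 5, 10*time.Millisecond)
	fmt.Println(len(v), err) // print the length, never the secret itself
}
```

In a Lambda function the base would be http://localhost: plus PARAMETERS_SECRETS_EXTENSION_HTTP_PORT, and the call belongs inside the handler, as the answer describes.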