使用localstack从另一个Lambda调用Lambda时出现UnrecognizedClientException

问题描述 投票:0回答:1

我正在使用此docker-compose.yml文件在docker容器内运行localstack。

version: '2.1'

services:
  localstack:
    image: localstack/localstack
    ports:
      - "4567-4597:4567-4597"
      - "${PORT_WEB_UI-8080}:${PORT_WEB_UI-8080}"
    environment:
      - SERVICES=${SERVICES- }
      - DEBUG=1
      - DATA_DIR=${DATA_DIR- }
      - PORT_WEB_UI=${PORT_WEB_UI- }
      - LAMBDA_EXECUTOR=docker
      - KINESIS_ERROR_PROBABILITY=${KINESIS_ERROR_PROBABILITY- }
      - DOCKER_HOST=unix:///var/run/docker.sock
    volumes:
      - "${TMPDIR:-/tmp/localstack}:/tmp/localstack"
      - "/var/run/docker.sock:/var/run/docker.sock"

要启动本地堆栈,我运行TMPDIR=/private$TMPDIR docker-compose up

我创建了两个lambda。当我运行aws lambda list-functions --endpoint-url http://localhost:4574 --region=us-east-1时,这是输出。

{
"Functions": [
    {
        "TracingConfig": {
            "Mode": "PassThrough"
        },
        "Version": "$LATEST",
        "CodeSha256": "qmDiumefhM0UutYv32By67cj24P/NuHIhKHgouPkDBs=",
        "FunctionName": "handler",
        "LastModified": "2019-08-08T17:56:58.277+0000",
        "RevisionId": "ffea379b-4913-420b-9444-f1e5d51b5908",
        "CodeSize": 5640253,
        "FunctionArn": "arn:aws:lambda:us-east-1:000000000000:function:handler",
        "Environment": {
            "Variables": {
                "DB_NAME": "somedbname",
                "IS_PRODUCTION": "FALSE",
                "SERVER": "xxx.xxx.xx.xxx",
                "DB_PASS": "somepass",
                "DB_USER": "someuser",
                "PORT": "someport"
            }
        },
        "Handler": "handler",
        "Role": "r1",
        "Timeout": 3,
        "Runtime": "go1.x",
        "Description": ""
    },
    {
        "TracingConfig": {
            "Mode": "PassThrough"
        },
        "Version": "$LATEST",
        "CodeSha256": "wbT8YzTsYW4sIOAXLtjprrveq5NBMVUaa2srNvwLxM8=",
        "FunctionName": "paymentenginerouter",
        "LastModified": "2019-08-08T18:00:28.923+0000",
        "RevisionId": "bd79cb2e-6531-4987-bdfc-25a5d87e93f4",
        "CodeSize": 6602279,
        "FunctionArn": "arn:aws:lambda:us-east-1:000000000000:function:paymentenginerouter",
        "Environment": {
            "Variables": {
                "DB_QUERY_LAMBDA": "handler",
                "AWS_REGION": "us-east-1"
            }
        },
        "Handler": "handler",
        "Role": "r1",
        "Timeout": 3,
        "Runtime": "go1.x",
        "Description": ""
    }
]

}

paymentenginerouter代码内部,我试图通过以下方式调用handler lambda:

    lambdaParams := &invoke.InvokeInput{
    FunctionName:   aws.String(os.Getenv("DB_QUERY_LAMBDA")),
    InvocationType: aws.String("RequestResponse"),
    LogType:        aws.String("Tail"),
    Payload:        payload,
}
result, err := svc.Invoke(lambdaParams)
if err != nil {
    resp.StatusCode = 500
    log.Fatal("Error while invoking lambda:\n", err.Error())
}

invoke是导入位置:invoke "github.com/aws/aws-sdk-go/service/lambda"

当我通过以下方式运行paymentenginerouter lambda时:

aws lambda invoke --function paymentenginerouter --payload  '{ "body": "{\"id\":\"12\",\"internalZoneCode\":\"xxxxxx\",\"vehicleId\":\"xxxxx\",\"vehicleVrn\":\"vehicleVrn\",\"vehicleVrnState\":\"vehicleVrnState\",\"durationInMinutes\":\"120\",\"verification\":{\"Token\":null,\"lpn\":null,\"ZoneCode\":null,\"IsExtension\":null,\"ParkingActionId\":null},\"selectedBillingMethodId\":\"xxxxxx\",\"startTimeLocal\":\"2019-07-29T11:36:47\",\"stopTimeLocal\":\"2019-07-29T13:36:47\",\"vehicleVin\":null,\"orderId\":\"1\",\"parkingActionType\":\"OnDemand\",\"digitalPayPaymentInfo\":{\"Provider\":\"<string>\",\"ChasePayData\":{\"ConsumerIP\":\"xxxx\",\"DigitalSessionID\":\"xxxx\",\"TransactionReferenceKey\":\"xxxx\"}}}"
}' --endpoint-url=http://localhost:4574 --region=us-east-1 out --debug

我收到此错误:

localstack_1  | 2019/08/08 20:02:28 Error while invoking lambda:
localstack_1  | UnrecognizedClientException: The security token included in the request is invalid.
localstack_1  |     status code: 403, request id: bd4e3c15-47ae-44a2-ad6a-376d78d8fd92

I can直接通过cli调用handler lambda,而不会出现错误:

aws lambda invoke --function handler --payload '{"body": "SELECT TOKEN, NAME, CREATED, ENABLED, TIMESTAMP FROM dbo.PAYMENT_TOKEN WHERE BILLING_METHOD_ID='xxxxxxx'"}' --endpoint-url=http://localhost:4574 --region=us-east-1 out --debug

我以为AWS凭证是根据localstack中的环境变量设置的,但我可能会误解。知道如何解决这个问题吗?

我对AWS lambda很陌生,在涉及本地堆栈时绝对不是菜鸟,所以请询问更多详细信息是否需要它们。我的描述中可能会丢失一些关键信息。

amazon-web-services aws-lambda invoke localstack
1个回答
0
投票

您收到的错误消息为The security token included in the request is invalid.,表示您的lambda尝试使用无效的凭据调出真实的AWS,而不是转到Localstack。

[在localstack中运行lambda时,lambda代码本身必须调出localstack中托管的任何AWS服务,您需要确保将使用的所有端点都重定向到localstack。

为此,在本地堆栈中有一个已记录的功能:

https://github.com/localstack/localstack#configurations

LOCALSTACK_HOSTNAME: Name of the host where LocalStack services are available.
This is needed in order to access the services from within your Lambda functions 
(e.g., to store an item to DynamoDB or S3 from Lambda). The variable 
LOCALSTACK_HOSTNAME is available for both, local Lambda execution 
(LAMBDA_EXECUTOR=local) and execution inside separate Docker containers 
(LAMBDA_EXECUTOR=docker).

在您的lambda代码中,请确保您使用此环境变量来设置主机名(以http://开头,并在localstack中后缀该服务的端口号,例如dynamodb的:4569)。这样可以确保将呼叫转到正确的位置。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.