AWS Parameters and Secrets Lambda Extension timing out on request

0

Hi there,

I am attempting to use the extension in the title following the guide mentioned here and I am unfortunately hitting an issue where the extension starts and awaits requests (I can see this in the logs from setting the debug flag) although when I send the request, it times-out. I have set the timeout of the lambda to the maximum potential value with the same effect.

Function logs

I have set my lambdas execution role in the following manner:

Lambda policy

The runtime of my function is arm64 using TypeScript. My code to request my secret is as follows: Code which fetches secret

I have been trying different things all to no avail as the application still times out. Any help on what is going on here would be greatly appreciated.

nifty
posta un anno fa1040 visualizzazioni
2 Risposte
0
Risposta accettata

Solved it!

Turns out that as I had linked my Lambda to my VPC it actually prevents the function talking with Secrets Manager as those endpoints are all public https://repost.aws/questions/QU1WLg4Q2-TCqznkgmpPnW0g/getting-secret-from-lambda-times-out-when-attached-to-vpc-subnet

The solution for this was to create a VPC endpoint accepting requests from the security group which my lambda was in. After doing this, the extension works as expected.

Hope this helps someone else who faces the same issue 💫

nifty
con risposta un anno fa
0

Hi nifty,

I wrote an article recently about this integration: https://medium.com/aws-in-plain-english/potential-costs-and-latency-improvements-with-aws-parameters-and-secrets-lambda-extensions-40b6af151b0

Could you try with the the code in article to rule out whether the fetch method or some code is preventing you to perform the right call to the extension?

Only difference I can spot is usage of encodeURIComponent method in my implementation.

profile picture
ESPERTO
con risposta un anno fa
  • Hi @alatech

    Thanks for the reply and the link to your article. I added the layer again the style you described in your article and used the exact same code but sadly I have the same issue where it simply times out when requesting the secret

  • Glad it helped, wasnt aware the lambda was in a VPC, good!

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande