Lambda Node.js can't connect to DocumentDB

0

Good morning all, I'm trying to connect with Node.js to my DocumentDB cluster with mongoose.

Without SSL, I get {"message":"Internal server error"}.

With SSL, I get "pem file not found": {"message":"ENOENT: no such file or directory, open '/var/task/rds-combined-ca-bundle.pem'"}

Here is my code with ssl

import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda'
import mongoose = require('mongoose')
import fs = require("fs")
import path = require("path")

export const lambdaHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
  let response: APIGatewayProxyResult;
  try {
    const filePath = path.join(__dirname, 'rds-combined-ca-bundle.pem')
    const databaseUri = 'mongodb://myuser:mypassword@mycluster.docdb.amazonaws.com:27017/?ssl=true&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false'
    const client = await mongoose.connect(databaseUri, {
        ssl: true,
        sslValidate: false,
        sslCA: filePath,
        useNewUrlParser: true,
        useUnifiedTopology: true
    })

    // Return result
    response = { statusCode: 200, body: JSON.stringify({ test: 'test mongoose', client: client }) }
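  } catch (err: unknown) {
    console.log('4',err)
    // err is typed unknown, so narrow it before reading .message
    const message = err instanceof Error ? err.message : String(err)
    response = { statusCode: 500, body: JSON.stringify({ message }) }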
  }
  return response;
}

Here is my code without ssl

import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda'
import mongoose = require('mongoose')

export const lambdaHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
  let response: APIGatewayProxyResult;
  try {
    const client = await mongoose.connect(
    'mongodb://myuser:mypassword@mycluster.docdb.amazonaws.com:27017/sample-database?replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false',
    {
     useNewUrlParser: true
    })
    //Return result
    response = { statusCode: 200, body: JSON.stringify({ test: 'test mongoose', client: client }) }
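  } catch (err: unknown) {
    console.log('4',err)
    // err is typed unknown, so narrow it before reading .message
    const message = err instanceof Error ? err.message : String(err)
    response = { statusCode: 500, body: JSON.stringify({ message }) }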
  }
  return response;
}

Could you help me? Thank you sincerely.

Asked a year ago · 360 views
1 answer
0

If TLS is enabled on your DocumentDB cluster, then you need to provide the SSL CA bundle in your request. It seems that the Lambda is trying to load it from a path that doesn't exist. Your options to have a cert used in your Lambda could be one of the following:

  • Use a secret in Secrets Manager to hold the cert content, then have the Lambda pull the value of the secret and download it to the /tmp directory when your Lambda runs, and then use it to make the connection
  • Build a Lambda layer that includes the cert, then add the layer to your Lambda; the cert would then be accessible under /opt
AWS
Answered a year ago
  • Thank you for your reply! I will try the solution with the layer. Have a nice day.
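
One way to act on the layer option in the answer above, as an added example that is not code from the original thread: resolve the CA bundle from either the function package or /opt, reject a file that holds no certificates, and keep certificate validation on (the question's code sets `sslValidate: false`). The helper names, the search order and the use of `LAMBDA_TASK_ROOT` are assumptions; the file name and option names are the ones in the question.

```typescript
import * as fs from "fs";
import * as os from "os";
import * as path from "path";

// File name from the question. Search order is an assumption: the function's
// own package first, then /opt, where the answer says a layer's files appear.
const CA_FILE = "rds-combined-ca-bundle.pem";
const PEM_CERT = /-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g;

export interface CaBundle { file: string; certCount: number; }

// Hypothetical helper: return the first candidate that really is a PEM bundle.
export function locateCaBundle(
  dirs: string[] = [process.env.LAMBDA_TASK_ROOT ?? process.cwd(), "/opt"],
): CaBundle {
  const tried: string[] = [];
  for (const dir of dirs) {
    const file = path.join(dir, CA_FILE);
    tried.push(file);
    if (!fs.existsSync(file)) continue;
    const certCount = (fs.readFileSync(file, "utf8").match(PEM_CERT) ?? []).length;
    // An empty or truncated file would otherwise surface later as a TLS error.
    if (certCount === 0) throw new Error(`${file} contains no PEM certificates`);
    return { file, certCount };
  }
  // Fail with every path that was checked, instead of a bare ENOENT.
  throw new Error(`CA bundle not deployed; looked in ${tried.join(", ")}`);
}

// Same option names as the question, but with certificate validation left on.
export function tlsOptions(bundle: CaBundle) {
  return { ssl: true, sslValidate: true, sslCA: bundle.file };
}

// Constructed sample: temp directories standing in for /var/task and /opt.
export function demo(): { found: CaBundle; missing: string } {
  const layer = fs.mkdtempSync(path.join(os.tmpdir(), "layer-"));
  const fakeCert = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
  fs.writeFileSync(path.join(layer, CA_FILE), fakeCert + fakeCert);
  const emptyTask = fs.mkdtempSync(path.join(os.tmpdir(), "task-"));
  const found = locateCaBundle([emptyTask, layer]);
  let missing = "";
  try { locateCaBundle([emptyTask]); } catch (e) { missing = (e as Error).message; }
  return { found, missing };
}
```

In a handler, the result of `tlsOptions(locateCaBundle())` would be spread into the options passed to `mongoose.connect`, so a packaging mistake is reported with the exact paths that were checked.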
