AWS Parameters and Secrets Lambda Extension timing out on request

0

Hi there,

I am attempting to use the extension in the title following the guide mentioned here and I am unfortunately hitting an issue where the extension starts and awaits requests (I can see this in the logs from setting the debug flag) although when I send the request, it times-out. I have set the timeout of the lambda to the maximum potential value with the same effect.

Function logs

I have set my lambdas execution role in the following manner:

Lambda policy

The runtime of my function is arm64 using TypeScript. My code to request my secret is as follows: Code which fetches secret

I have been trying different things all to no avail as the application still times out. Any help on what is going on here would be greatly appreciated.

2 Respostas
0
Resposta aceita

Solved it!

Turns out that as I had linked my Lambda to my VPC it actually prevents the function talking with Secrets Manager as those endpoints are all public https://repost.aws/questions/QU1WLg4Q2-TCqznkgmpPnW0g/getting-secret-from-lambda-times-out-when-attached-to-vpc-subnet

The solution for this was to create a VPC endpoint accepting requests from the security group which my lambda was in. After doing this, the extension works as expected.

Hope this helps someone else who faces the same issue 💫

nifty
respondido há um ano
profile picture
ESPECIALISTA
A_J
avaliado há 13 dias
0

Hi nifty,

I wrote an article recently about this integration: https://medium.com/aws-in-plain-english/potential-costs-and-latency-improvements-with-aws-parameters-and-secrets-lambda-extensions-40b6af151b0

Could you try with the the code in article to rule out whether the fetch method or some code is preventing you to perform the right call to the extension?

Only difference I can spot is usage of encodeURIComponent method in my implementation.

profile picture
ESPECIALISTA
respondido há um ano
  • Hi @alatech

    Thanks for the reply and the link to your article. I added the layer again the style you described in your article and used the exact same code but sadly I have the same issue where it simply times out when requesting the secret

  • Glad it helped, wasnt aware the lambda was in a VPC, good!

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas