Error calling SSM to get parameters Name or service not known

0

My dotnet web application lambda was working great, I have the distributed Redis cache working with data protection enabled with services.AddDataProtection(). PersistKesToAWSSystemsManager ("/AWCWebManager/DataProtection"). Everything worked fine for a more than 10 days of testing and development, however after a seemingly incremental and unrelated change to the app after publishing to AWS Lambda now the Web client on access to the application times out with:

{"message": "Endpoint request timed out"}

In the Event Logs I see:

021-05-27 01:15:08: info: Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository[0]
2021-05-27 01:15:08: Using SSM Parameter Store to persist DataProtection keys with parameter name prefix /AWCWebManager/DataProtection/
2021-05-27 01:15:08: [Information] Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository: Using SSM Parameter Store to persist DataProtection keys with parameter name prefix /AWCWebManager/DataProtection/
2021-05-27 01:15:42: fail: Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository[0]
2021-05-27 01:15:42: Error calling SSM to get parameters starting with /AWCWebManager/DataProtection/: Name or service not known
2021-05-27 01:15:42: [Error] Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository: Error calling SSM to get parameters starting with /AWCWebManager/DataProtection/: Name or service not known
2021-05-27 01:15:42: fail: Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48]
2021-05-27 01:15:42: An error occurred while reading the key ring.

Checking IAM the application role has full access to SSM.
The AWS Systems Manager Parameter Store has a few rows with proper prefix and different /key suffix.
Anyone have suggestions as to what could cause the data session protection with SSM to glitch like this?
Thanks,
Mike

mwfox
asked 3 years ago333 views
1 Answer
0

The problem stemmed from adding a second website project to the visual studio solution. The second website did not have any permissions or used SSM. I noticed the wrong appsetting.json in the S2 bucket, by removing the second web project and redeploying everything is back to working. It would be great if the Visual Studio publish Lambda function realized it did not know how to handle the situation and offered a warning instead of populating the bucket with broken configuraitons.

mwfox
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions