Questions tagged with Serverless

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

What IAM Permissions do I need to consume an SQS que from Lambda?

Hello, I'm trying to have an event driven solution where the SQS que sends messages to lambda as soon as it receives the message. I have a third party application that sends messages to SQS and assumes a role in which gives it permission to perform actions needed on the SQS. I am kind of confused what I need to consume an SQS que from lambda. In the documentation it indicates that to poll events from Lambda different permissions are needed, and then it gives directions for "event driven" triggers to lambda from the SQS Que. I am writing all of this in CDK so maybe that's where I may be missing something at. So far in my CDK I have the SQS message able to be consumed by lambda I believe, by using `sqsQue.grantConsumeMessages(Mylambda)` which indicates [here ](https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-sqs.Queue.html) that this will allow SQS messages to be consumed by grantee which is my lambda. I am not certain if this adds a resource based policy to lambda to SQS, I'm assuming that it adds it to SQS and I do not need to add it to the lambda. However, for the lambda in my CDK I just have the default execution policy and I do not believe I added a resource based policy. I'm not even sure if it is needed for my use case So do I need resource based policy for this? Or do I need anything particular in my execution role? Also is there a difference between event driven SQS triggering lambda vs lambda polling from SQS, aren't these two separate implementations?
1
answers
0
votes
8
views
Mont23
asked 13 hours ago

Is X-Ray on Lambda Compatible with .NET Ahead-of-Time compilation?

When attempting to set up XRay in a .NET/C# Lambda function published with AOT, I am getting the following error upon invoking the function: ``` Unhandled Exception: System.TypeInitializationException: A type initializer threw an exception. To determine which type, inspect the InnerException's StackTrace property. ---> System.MissingMethodException: No parameterless constructor defined for type 'Amazon.XRay.Recorder.Core.Sampling.Local.SamplingConfiguration'. at System.ActivatorImplementation.CreateInstance(Type, Boolean) + 0x120 at ThirdParty.LitJson.JsonMapper.ReadValue(Type, JsonReader) + 0x483 at ThirdParty.LitJson.JsonMapper.ToObject[T](TextReader) + 0x4f at Amazon.XRay.Recorder.Core.Sampling.Local.LocalizedSamplingStrategy.Init(Stream) + 0x60 at Amazon.XRay.Recorder.Core.Sampling.Local.LocalizedSamplingStrategy.InitWithDefaultSamplingRules() + 0x53 at Amazon.XRay.Recorder.Core.AWSXRayRecorder..ctor(ISegmentEmitter) + 0x5e at Amazon.XRay.Recorder.Core.AWSXRayRecorder..cctor() + 0xcd at System.Runtime.CompilerServices.ClassConstructorRunner.EnsureClassConstructorRun(StaticClassConstructionContext*) + 0xb9 --- End of inner exception stack trace --- [...] ``` I've tried adding the following to rd.xml, to no avail: ```xml <Directives xmlns="http://schemas.microsoft.com/netfx/2013/01/metadata"> <Application> <Assembly Name="bootstrap" Dynamic="Required All"/> <Assembly Name="AWSSDK.Core" Dynamic="Required All"/> <Assembly Name="AWSSDK.SecretsManager" Dynamic="Required All"/> <Assembly Name="AWSSDK.XRay" Dynamic="Required All"/> <Assembly Name="AWSXRayRecorder.Core" Dynamic="Required All"/> <Assembly Name="AWSXRayRecorder.Handlers.AwsSdk" Dynamic="Required All"/> <Assembly Name="System.Configuration.ConfigurationManager"> <Type Name="System.Configuration.ClientConfigurationHost" Dynamic="Required All" /> <Type Name="System.Configuration.AppSettingsSection" Dynamic="Required All" /> </Assembly> </Application> </Directives> ``` My initialization code is as follows: ```c# AWSSDKHandler.RegisterXRayForAllServices(); AWSXRayRecorder.InitializeInstance(); // pass IConfiguration object that reads appsettings.json file ``` Any ideas?
3
answers
0
votes
39
views
Jason T
asked a day ago

Contact form for sending mail from AWS SES using AWS API Gateway

I am trying to create a serverless contact form in S3 that calls AWS API Gateway that then interacts with SES to send an email to a "contact us" email recipient. I am following the tutorial at https://levelup.gitconnected.com/creating-a-serverless-contact-form-on-aws-ff339ad1fa60 and am stuck at the part where I've created the API and am trying to test it with a JSON payload. The problem is the API test behaves as expected and returns a successful http 200 BUT it seems SES is returning an error that looks like -> ``` {"Error":{"Code":"SignatureDoesNotMatch","Message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.","Type":"Sender"},"RequestId":"1559f1b5-7000-4fe5-9d70-38b729adba46"} ``` Here is the entire execution stack from the API test in the AWS API configuration area -> ``` Execution log for request a18a0aa1-fa42-4bc8-a3c0-c6754716398f Fri Dec 02 20:19:12 UTC 2022 : Starting execution for request: a18a0aa1-fa42-4bc8-a3c0-c6754716398f Fri Dec 02 20:19:12 UTC 2022 : HTTP Method: POST, Resource Path: / Fri Dec 02 20:19:12 UTC 2022 : Method request path: {} Fri Dec 02 20:19:12 UTC 2022 : Method request query string: {} Fri Dec 02 20:19:12 UTC 2022 : Method request headers: {} Fri Dec 02 20:19:12 UTC 2022 : Method request body before transformations: { "name": "Test Name", "email": "test@test.com", "phone": "123-456-7890", "message": "This is a test message!" } Fri Dec 02 20:19:12 UTC 2022 : Endpoint request URI: https://email.us-east-1.amazonaws.com/SendEmailToWhomeverILike Fri Dec 02 20:19:12 UTC 2022 : Endpoint request headers: {Authorization=************************************************************************************************************************************************************************************************************************************************************************098c83, X-Amz-Date=20221202T201912Z, x-amzn-apigateway-api-id=1j6iefoiqj, Accept=application/json, User-Agent=AmazonAPIGateway_1j6iefoiqj, X-Amz-Security-Token=IQoJb3JpZ2luX2VjEJX//////////wEaCXVzLWVhc3QtMSJHMEUCIAVdXRcxBZlgf9mN9jqp6OxEtITF/KMl+MzbXyb89NZrAiEAzSxr6P0cIMDwGDkkXOYr1C2KINbRKN2X0zozBMh7fjIq7gIIrf//////////ARADGgwzMzc2MzIxMzUyNDQiDHpwxD6RfZw5uGjCHirCAse0l62z8auypaCu5K+bUgeCqsXqtE7bjBhct1ZG0WK5q5gw3DRKGLPmqPc9nFZ1pbeRUCw5LvuuI+6jQKs2CCJisZlgrGjSD/m1akgPkVsR1FtCNj6z7GEURaTg6r3aqz2KXyrHVft4cex+BoSOeMUMBBXWOKJirppkK8KGz4yNNPYFJ1BPLWQJcWOb6rPi/87pPoey0E3PiwLf1SXTVzkc/S/I/tpLzV7fARx4vheXC7c+SmAHyg/Zm318As5OBCqGBPXKpK0UT/7z4r9/vqDRzCsXXe0FCGJjOyMuM5y9k5bnsT5sRjpenX1DOkUopLoEsc2xTjunfEXKGmfn+M96I+Z3JbrnGMz [TRUNCATED] Fri Dec 02 20:19:12 UTC 2022 : Endpoint request body after transformations: Action=SendEmail&Message.Body.Text.Data=%0AName%3A+%22Test+Name%22%0AEmail%3A+%22test%40test.com%22%0APhone%3A+%22123-456-7890%22%0AMessage%3A+%22This+is+a+test+message%21%22&Message.Subject.Data=Contact+form+submission&Destination.ToAddresses.member.1=DudeDudely%40hotmail.com&Source=no_reply_contact_form_submission%40ThatBigTLD.com Fri Dec 02 20:19:12 UTC 2022 : Sending request to https://email.us-east-1.amazonaws.com/SendEmailToWhomeverILike Fri Dec 02 20:19:12 UTC 2022 : Received response. Status: 403, Integration latency: 21 ms Fri Dec 02 20:19:12 UTC 2022 : Endpoint response headers: {Date=Fri, 02 Dec 2022 20:19:12 GMT, Content-Type=application/json, Content-Length=300, Connection=keep-alive, x-amzn-RequestId=1559f1b5-7000-4fe5-9d70-38b729adba46} Fri Dec 02 20:19:12 UTC 2022 : Endpoint response body before transformations: {"Error":{"Code":"SignatureDoesNotMatch","Message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.","Type":"Sender"},"RequestId":"1559f1b5-7000-4fe5-9d70-38b729adba46"} Fri Dec 02 20:19:12 UTC 2022 : Method response body after transformations: {"Error":{"Code":"SignatureDoesNotMatch","Message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.","Type":"Sender"},"RequestId":"1559f1b5-7000-4fe5-9d70-38b729adba46"} Fri Dec 02 20:19:12 UTC 2022 : Method response headers: {X-Amzn-Trace-Id=Root=1-638a5dc0-85f935e6291eab49e7dbe023, Content-Type=application/json} Fri Dec 02 20:19:12 UTC 2022 : Successfully completed execution Fri Dec 02 20:19:12 UTC 2022 : Method completed with status: 200 ``` I have also tested this in Postman and I get the same results. The JSON payload I used in the test looks like -> ``` { "name": "Test Name", "email": "test@test.com", "phone": "123-456-7890", "message": "This is a test message!" } ``` I have an IAM role associated with this api that looks like ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "Custom", "Effect": "Allow", "Action": [ "ses:SendEmail" ], "Resource": "*" } ] } ```` This IAM role's ARN is referenced in the Integration Request section as Execution role arn:aws:iam::<ABigNumberImNotGoingToShowYou>:role/ApiGatewaySes My main question is ....... do I also need to send some other type of authentication token? If so where would I configure that information?
1
answers
0
votes
24
views
profile picture
asked 2 days ago

AccessDeniedException when retrieving AWS Parameters from Lambda

I am attempting to access system parameters from a Lambda developed using C# I have added the required lambda layer as per https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#ps-integration-lambda-extensions-sample-commands The lambda execution role has the following in the IAM definition (???????? replacing actual account id) ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "ssm:*" ], "Resource": "arn:aws:ssm:*:???????????:parameter/*" } ] } ``` As per the AWS page reference above I made a HTTP GET request to http://localhost:2773/systemsmanager/parameters/get/?name=/ClinMod/SyncfusionKey&version=1 This is failing with the following response ``` { "Version": "1.1", "Content": { "Headers": [ { "Key": "Content-Type", "Value": [ "text/plain" ] }, { "Key": "Content-Length", "Value": [ "31" ] } ] }, "StatusCode": 401, "ReasonPhrase": "Unauthorized", "Headers": [ { "Key": "X-Amzn-Errortype", "Value": [ "AccessDeniedException" ] }, { "Key": "Date", "Value": [ "Thu, 01 Dec 2022 12:16:59 GMT" ] } ], "TrailingHeaders": [], "RequestMessage": { "Version": "1.1", "VersionPolicy": 0, "Content": null, "Method": { "Method": "GET" }, "RequestUri": "http://localhost:2773/systemsmanager/parameters/get/?name=/ClinMod/SyncfusionKey&version=1", "Headers": [], "Properties": {}, "Options": {} }, "IsSuccessStatusCode": false } ```` Any clues where I am going wrong?
2
answers
0
votes
33
views
asked 7 days ago

Concurrently executions from a FIFO queue

I have my FIFO queue connected with a Lambda function. When a message is sent to the queue the function takes and processes it. My problem occurs when more than one message is sent to the queue: I understood that with a FIFO queue, basically, all the messages are processed one by one (if they share the same GroupID). This is not what happens to me: when I send more than one message (5 for example) to the queue in few seconds, than the first message goes in flight while the other messages are waiting, but when the first message process is completed then all the other 4 messages go together in flight!! How can this happen if they share the same GroupID and they are is a FIFO queue? I expect that when the first is completed then the second goes in flight, and the other 3 waits and so on! I think it doesn't depends on the queue setting because I changed all the parameters many times (Visibility time out, content based deduplication and so on). In any case I leave you, below, the screenshots of the parameters setting I now have. My account has a maximum of 10 concurrent executions and it is the exact number of messages that are in flight together at maximum (I tried to send many messages and what happens is that the first is in flight alone and then ten by ten all the others get in flight concurrently, very strange to me). I would like for each group only one execution at a time, the others must wait for the completion of the one that is processing. I want to manage concurrency by the different groupID I give to the message in the queue. I'm sending messages to the queue through aws-sdk in node.js. Can someone help me please? ![Enter image description here](/media/postImages/original/IMq9LZSI5NTICMDyBK0cDvFw) ![Enter image description here](/media/postImages/original/IMZB4MNTTqSjSCcze-hT402g) ![Enter image description here](/media/postImages/original/IMPBK_zjJaTsucQIS75zAFcA)
1
answers
0
votes
19
views
asked 7 days ago