Questions tagged with Developer Tools

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

How to get ip addresses of apigateway vpce using cdk?

**Background context / End goal:** I am trying to use cdk to create a target group that consists of the ip addresses that are associated with a vpc endpoint (for apigateway) as per this [AWS blog.][1] Ideally, I would like to be able to just lookup the associated ips using just the fact that the vpce is for the service of apigateway OR potentially using the vpce id. **Problem** I cannot find a way to get the network interface ids & ip addresses for the vpc endpoint. **Attempts** 1. I tried to use the cdk [InterfaceVpcEndpoint construct][2] static method using the fromInterfaceVpcEndpointAttributes (filtering by service). It did return the desired vpce, but unfortunately it returns [in the format of IInterfaceVpcEndpoint][3] which does not have the vpceNetworkInterfaceIds attribute that the InterfaceVpcEndpoint construct has 2. I was able to use [AwsCustomResource][4] (after consulting a stack overflow post that referenced [this example][5]) to look up the ip addresses for a given array of vpce network interface ids: ``` const vpceNetworkInterfaceIds = =['eniId1', 'eniId2']; const getEniIps = new AwsCustomResource(scope, `GetEndpointIps`, { onUpdate: { service: "EC2", action: "describeNetworkInterfaces", parameters: { NetworkInterfaceIds: vpceNetworkInterfaceIds }, physicalResourceId: PhysicalResourceId.of(Date.now().toString()) }, policy: AwsCustomResourcePolicy.fromSdkCalls({ resources: AwsCustomResourcePolicy.ANY_RESOURCE }), }); const privateIpAddresses: string[] = []; for(let i = 0; i< vpceNetworkInterfaceIds.length; i++){ const privateIpAddress: string = getNetworkInterfaceIpAddresses.getResponseField(`NetworkInterfaces.${i}.PrivateIpAddress`).toString(); privateIpAddresses.push(privateIpAddress); } return privateIpAddresses; } ``` 3. I tried to make a similar sdk call ([describeVpcEndpoints][6]), but then I encountered issues retrieving the array of NetworkInterfaceIds. ``` const getNetworkInterfaceIpAddresses = new AwsCustomResource(scope, `GetVpceNetworkInterfaceIds`, { onUpdate: { service: "EC2", action: "describeVpcEndpoints", parameters: { Filters: [ { Name: "service-name", Values: ["com.amazonaws.us-east-1.execute-api"] } ] }, physicalResourceId: PhysicalResourceId.of(Date.now().toString()) }, policy: AwsCustomResourcePolicy.fromSdkCalls({ resources: AwsCustomResourcePolicy.ANY_RESOURCE }), }); return getNetworkInterfaceIpAddresses.getResponseFieldReference(`VpcEndpoints.0.NetworkInterfaceIds`).toJSON(); ``` I tried variations of using the [Reference][7] methods of toJson, toString, Token.asXXX but was not able to figure out how to get the array of values from this custom resource. One of the errors that I got was "Vendor response doesn't contain VpcEndpoints.0.NetworkInterfaceIds key in object ....." but when I made the describeVpcEndpoints call via cli, I can definitely see that there is a VpcEndpoints.0.NetworkInterfaceIds value that should be populated. **Questions** 1. How can you get an array from the sdk call of a aws custom resource? 2. How can you debug cdk aws custom resources that make sdk calls? Logging locally only yields the tokens which is not helpful. 3. Is there a more straight forward way to get the vpceNetworkInterfaceIds of a given vpce? 4. Is there a more straight forward way to get the ip addresses for a given vpce? [1]: https://aws.amazon.com/blogs/networking-and-content-delivery/accessing-an-aws-api-gateway-via-static-ip-addresses-provided-by-aws-global-accelerator/ [2]: https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ec2.InterfaceVpcEndpoint.html#vpcendpointnetworkinterfaceids [3]: https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ec2.IInterfaceVpcEndpoint.html [4]: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.custom_resources.AwsCustomResource.html#getwbrresponsewbrfielddatapath [5]: https://github.com/taimos/cdk-constructs/blob/master/lib/serverless/internal-rest-api.ts#L117 [6]: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/EC2.html#describeVpcEndpoints-property [7]: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.Reference.html#towbrstringwbrlist
1
answers
0
votes
65
views
asked 13 days ago

IDT 4.5.11 Error in retrieving AwsCredentials from TES

I am using IDT 4.5.11 running test suite GGV2Q_2.4.1 on Greengrass 2.7.0. I failed the [mqttpubsub] and [cloudcomponent] test groups. Below are logs from mqttpubsub/greengrass.log, I am not sure what credential is expired as the Access & Secret Key are both newly created. Any idea how to solve this issue? 2022-11-21T19:04:13.050Z [DEBUG] (pool-2-thread-6) com.aws.greengrass.tes.CredentialRequestHandler: Received response from cloud: response code 200, not logging credentials. {iotCredentialsPath=/role-aliases/idt-a1a2f5615374392fcbc9-ggc-role-alias/credentials, statusCode=200} 2022-11-21T19:04:13.050Z [ERROR] (pool-2-thread-6) com.aws.greengrass.tes.CredentialRequestHandler: Unable to cache expired credentials which expired at 2022-11-21T12:03:44Z. {iotCredentialsPath=/role-aliases/idt-a1a2f5615374392fcbc9-ggc-role-alias/credentials} 2022-11-21T19:04:13.051Z [ERROR] (pool-2-thread-6) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/idt-a1a2f5615374392fcbc9-ggc-role-alias/credentials, credentialData=TES responded with expired credentials: {"credentials":{"accessKeyId":"ASIAZ625MVFNBTBLFT6Z","secretAccessKey":"WD5VbRjGmp3mDhqSL6udPjID9cZ+b2WEQ4Rf/CWu","sessionToken":"IQoJb3JpZ2luX2VjEIP//////////wEaCXVzLXdlc3QtMiJIMEYCIQCJXJM5KGN71gUQvo5F5j7T2n74d4qc+i066ZDrDIYOpgIhAPJG1U4LyhLFkOjQQbCo9Bq1ht9boqtfiQUE2I03P/OaKqwECIz//////////wEQABoMNjg0NzA2Mjc3NzIyIgzH/z2OTB04Urnlr3wqgARdz+wbs2oS/Hr1h2Ep8KCHqbBaixaDRDCa3HawQkI+UW3r+A7JcXiiM2MZcNNjgr2X+YOdgwpPA6Pd+3b7V8fXcQudkxQfSCXJcoB0gssCi/IrlNe8mdRViN/hfxNIk1H91RxygSE/epH+f2WEfh7lt81ZUNTelBfxor36InjawZu3t0ZLv74ZIlJBcjxNSajKaxg8lKB+sxoQzaF6OlR0nrkx2W0Np9ikFk1eYeWCWyOgnQ8PhcRKivTU77b7KXlOCCkkpITxMU0/gf8EuWfsy9Ik9KQZjr/CNxgvIo8nE7VE0Be1TEvRdRwP5VsH3+EAxCv5VJkXFg8vka7R01JKkweDXEb3JVJhcKz82xr9hIFo5an34InDbc3ssC/I19/ZSZHygVE+aEjgujpmrhLkDUThSsjm8E6+rHdDoY3W+ugL2ik/Yjwk04jT/nl49T86woRk+bU08VW03Vwk+kfqpMX34mP4FntuChc8Niig3E0jWznlX4N595tg+LUj6LXjpaYFNkQbena1b7iXalA+zxHw11GS+V5oisipH9zsCNrdI9hhzqpPt+YhyPCLg28H7hXNLUezxdJAaVjlAuOS8SUR9R35A+POFuUp5T0nLi5XutGPq7r2q+kh1RXCbLKlCM4ajyejb6jsr4tlyo/VUPY/FVXghoIVaPDOBUHh3zCQtu2bBjrFAcsqM7H6gspDrVero0uPfAuHgExojSa3UsIu6kgEWmPJeFTonceeZemuQp8flqxLsdnRcC5IAHd19XA3w35MWGZ+9tcSOVYSpzYepdXw31iVMoFqs1bYLF5NtbqlTZKHrM1O7M5rZsyH7Z2D4JzMMqAwGUhb4bdpp+1Aouvlpm6NE63FPqrvsh0SNpGurRYE2Ijwtj0Kmt1Q+oM0uxrh+gZB77aWGxzjVnQORpoVGWn6oynNxR/LlI5LfmGfDawKMozMQxpk","expiration":"2022-11-21T12:03:44Z"}}} 2022-11-21T19:04:13.051Z [DEBUG] (pool-2-thread-6) com.aws.greengrass.componentmanager.builtins.S3Downloader: get-bucket-location. task failed and will be retried. {task-attempt=7, componentIdentifier=aws.greengrass.IotMqttSubscriber, artifactUri=s3://idt-a1a2f5615374392fcbc9-gg-component-store/greengrass/components/artifacts/aws-greengrass-testing-features-mqtt.zip} software.amazon.awssdk.core.exception.SdkClientException: Failed to fetch credentials at software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:98) at software.amazon.awssdk.core.exception.SdkClientException.create(SdkClientException.java:39) at com.aws.greengrass.tes.LazyCredentialProvider.resolveCredentials(LazyCredentialProvider.java:31) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.resolveCredentials(AwsExecutionContextBuilder.java:171) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.invokeInterceptorsAndCreateExecutionContext(AwsExecutionContextBuilder.java:108) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.invokeInterceptorsAndCreateExecutionContext(AwsSyncClientHandler.java:69) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:78) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:175) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:76) at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:56) at software.amazon.awssdk.services.s3.DefaultS3Client.getBucketLocation(DefaultS3Client.java:3382) at com.aws.greengrass.componentmanager.builtins.S3Downloader.lambda$getRegionClientForBucket$2(S3Downloader.java:134) at com.aws.greengrass.util.RetryUtils.runWithRetry(RetryUtils.java:50) at com.aws.greengrass.componentmanager.builtins.S3Downloader.getRegionClientForBucket(S3Downloader.java:133) at com.aws.greengrass.componentmanager.builtins.S3Downloader.getDownloadSize(S3Downloader.java:115) at com.aws.greengrass.componentmanager.ComponentManager.prepareArtifacts(ComponentManager.java:420) at com.aws.greengrass.componentmanager.ComponentManager.preparePackage(ComponentManager.java:377) at com.aws.greengrass.componentmanager.ComponentManager.lambda$preparePackages$1(ComponentManager.java:338) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:829)
2
answers
1
votes
41
views
asked 13 days ago

DynamoDB Javascript v3 API GetItemCommand UnknownOperationException

I'm trying to use the JavaScript v3 api to retrieve a single item from DynamoDB in a nodejs lambda. I'm getting UnknownOperationException. Here's the parameter object I'm passing into GetItemCommand: ``` { "TableName": "test_biblestudy_tools_user", "Key": { "userid": { "S": "06f4dc4b-3368-4277-9dbe-892edec668c6" } }, "ProjectionExpression": "email" } ``` The lambda's execution role has GetItem on the table. One thing I wanted to do was turn on HTTP wire tracing for this, but I didn't see any example of how to do that when using the JavaScript v3 api. Right now all I'm configuring is the region, and I don't know how to configure anything else: ``` import { DynamoDBClient, GetItemCommand, TransactWriteItemsCommand } from '@aws-sdk/client-dynamodb'; const db_client = new DynamoDBClient({ region: 'us-east-1' }); ``` How can I configure this client for http wire trace? Would that likely show me something useful here? I tried CloudTrail Data Plane Event Logging, but the failed call doesn't create a log. Here's the full error from the CloudWatch log: ``` UnknownOperationException: UnknownError at throwDefaultError (/var/task/node_modules/@aws-sdk/client-dynamodb/node_modules/@aws-sdk/smithy-client/dist-cjs/default-error-handler.js:8:22) at deserializeAws_json1_0GetItemCommandError (/var/task/node_modules/@aws-sdk/client-dynamodb/dist-cjs/protocols/Aws_json1_0.js:1740:51) at processTicksAndRejections (node:internal/process/task_queues:96:5) at async /var/task/node_modules/@aws-sdk/client-dynamodb/node_modules/@aws-sdk/middleware-serde/dist-cjs/deserializerMiddleware.js:7:24 at async StandardRetryStrategy.retry (/var/task/node_modules/@aws-sdk/middleware-retry/dist-cjs/StandardRetryStrategy.js:51:46) at async /var/task/node_modules/@aws-sdk/middleware-logger/dist-cjs/loggerMiddleware.js:6:22 at async Runtime.handler (file:///var/task/index.js:139:23) { '$fault': 'client', '$metadata': { httpStatusCode: 400, requestId: 'c688c34f-7c64-4d9a-9eb4-3258ee5aecf6', extendedRequestId: undefined, cfId: undefined, attempts: 1, totalRetryDelay: 0 }, __type: 'com.amazon.coral.service#UnknownOperationException' } ```
2
answers
0
votes
45
views
asked 15 days ago