My dotnet web application Lambda was working great. I have the distributed Redis cache working with data protection enabled with services.AddDataProtection().PersistKeysToAWSSystemsManager("/AWCWebManager/DataProtection"). Everything worked fine for more than 10 days of testing and development. However, after a seemingly incremental and unrelated change to the app, after publishing to AWS Lambda, the web client now times out on access to the application with:
{"message": "Endpoint request timed out"}
In the Event Logs I see:
2021-05-27 01:15:08: info: Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository[0]
2021-05-27 01:15:08: Using SSM Parameter Store to persist DataProtection keys with parameter name prefix /AWCWebManager/DataProtection/
2021-05-27 01:15:08: [Information] Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository: Using SSM Parameter Store to persist DataProtection keys with parameter name prefix /AWCWebManager/DataProtection/
2021-05-27 01:15:42: fail: Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository[0]
2021-05-27 01:15:42: Error calling SSM to get parameters starting with /AWCWebManager/DataProtection/: Name or service not known
2021-05-27 01:15:42: [Error] Amazon.AspNetCore.DataProtection.SSM.SSMXmlRepository: Error calling SSM to get parameters starting with /AWCWebManager/DataProtection/: Name or service not known
2021-05-27 01:15:42: fail: Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48]
2021-05-27 01:15:42: An error occurred while reading the key ring.
Checking IAM, the application role has full access to SSM.
The AWS Systems Manager Parameter Store has a few rows with the proper prefix and different /key suffixes.
Anyone have suggestions as to what could cause the data session protection with SSM to glitch like this?
Thanks,
Mike