简体繁体 English

从AWS Lambda JS SDK访问EC2资源

[英]Access EC2 resources from AWS Lambda JS SDK

原文 2015-12-03 23:12:50 4 1 javascript/ node.js/ amazon-web-services/ aws-sdk/ aws-lambda

I'm writing a function which needs to make some requests to EC2 to create and delete snapshots. 我正在编写一个函数，该函数需要向EC2发出一些请求以创建和删除快照。 However there is currently no feature in Lambda to directly making requests with EC2 resources. 但是，Lambda当前没有使用EC2资源直接发出请求的功能。 I'm attempting to use Class: AWS.TemporaryCredentials but there is a notice that writes: 我正在尝试使用Class：AWS.TemporaryCredentials，但有一条写着的通知：

Note: In order to create temporary credentials, you first need to have "master" credentials configured in AWS.Config.credentials. 注意：为了创建临时凭证，您首先需要在AWS.Config.credentials中配置“主”凭证。 These master credentials are necessary to retrieve the temporary credentials, as well as refresh the credentials when they expire. 这些主凭证对于检索临时凭证以及到期时刷新凭证是必需的。

So I'm not sure how to store the credentials since this Lambda is only a function. 因此，由于此Lambda只是一个函数，因此我不确定如何存储凭据。

1 个解决方案

In order for your Lambda function to make EC2 requests, you have to create an IAM role that has the necessary permissions and then associate that role with your IAM function. 为了使Lambda函数发出EC2请求，您必须创建一个具有必要权限的IAM角色，然后将该角色与您的IAM函数相关联。 The AWS Lambda CreateFunction API request has a required parameter called Role which would be the ARN of the new role you have created. AWS Lambda CreateFunction API请求具有一个称为Role的必需参数，该参数将是您创建的新角色的ARN。 In this way, each time your Lambda function is run Lambda will create temporary AWS credentials for it to use that have the permissions defined in the role. 这样，每次运行Lambda函数时，Lambda都会创建临时的AWS凭证供其使用，该凭证具有在角色中定义的权限。