在Python AWS Lambda中使用AWS加密SDK
[英]Using aws encryption SDK in python AWS lambda
问题描述
I tried using the aws encryption lib to encrypt/decrypt data with a KMS key in an AWS Lambda ( using python ). 
我尝试使用aws加密库通过AWS Lambda中的KMS密钥(使用python)对数据进行加密/解密。 However, I get errors when running the lambda ( complaining about shared libs not found, I will update later with exact lib ). 但是,运行lambda时出现错误(抱怨找不到共享库,稍后将使用确切的lib进行更新)。 I am guessing that the SDK is using shared libs that are not installed in the AWS lambda environment. 我猜想该SDK使用的是AWS Lambda环境中未安装的共享库。
This is the SDK I am using: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/python.html 这是我正在使用的SDK: https : //docs.aws.amazon.com/encryption-sdk/latest/developer-guide/python.html
When building my package I am doing pip install aws-encryption-sdk and cryptography. 构建软件包时,我正在执行pip install aws-encryption-sdk和密码术。
Anyone who can give me pointers how to fix it? 谁能给我指点如何解决它?
Update: 更新:
Here is the error message: 这是错误消息:
Unable to import module 'lambdaMain': libffi-d78936b1.so.6.0.4: cannot open shared object file: No such file or directory
Update 2: For those wondering about the solution. 更新2:对于那些想知道解决方案的人。 I built the library on the wrong platform. 我在错误的平台上构建了库。 It's really important to do the pip install etc on an amazon AMI that's compatible with whatever lambda runtime you are using. 在与您使用的任何lambda运行时兼容的亚马逊AMI上进行pip安装等非常重要。
2 个解决方案
解决方案1
3 已采纳 2018-06-18 07:12:27
The aws-encryption-sdk requires cryptography library: aws-encryption-sdk 需要加密库:
The SDK requires the cryptography library on all platforms.
It seems the Lambda environment does not have the required libraries, so you need to add them. 看来Lambda环境没有必需的库,因此您需要添加它们。
Unfortunately Miserlou's lambda-packages does not have it, so you need to compile yourself. 不幸的是,Miserlou的lambda软件包没有它,因此您需要进行编译。
Couple pointers: 几个指针:
解决方案2
1 2018-10-06 14:11:13
I had multiple issues when trying to package my libs / requirements and heres the steps that resolved the issue for me: 尝试打包我的库/需求时遇到多个问题,以下是为我解决问题的步骤:
1) Create a new EC2 instance using Amazon Linux AMI 1)使用Amazon Linux AMI创建新的EC2实例
2) Install any requirements sudo yum install python36 python36-virtualenv python36-pip -y 2)安装任何要求sudo yum install python36 python36-virtualenv python36-pip -y
3) Create new virtual enviroment using python3 virtualenv -p python3 . 3)使用python3 virtualenv -p python3 .创建新的虚拟环境virtualenv -p python3 .
4) Install any requirements using pip3 pip3 install aws_encryption_sdk 4)使用pip3安装任何要求pip3 install aws_encryption_sdk
5) Everything in both lib and lib64 must be added (including hidden files) 5)必须同时添加lib和lib64中的所有内容(包括隐藏文件)
zip -r -9 /tmp/export.zip lib64/python3.6/site-packages/* lib64/python3.6/site-packages/.*
zip -r -9 /tmp/export.zip lib/python3.6/site-packages/* lib/python3.6/site-packages/.*
zip -r -9 /tmp/export.zip main.py
Hope this helps. 希望这可以帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.