[英]AWS Lambda: How To Remove Environmental Variables from Configuration
I have a lambda function that used to use encrypted environmental variables set in the lambda configuration but I no longer need them.我有一个 lambda 函数,它曾经使用在 lambda 配置中设置的加密环境变量,但我不再需要它们了。 I tried removing the env variable in the UI and it no longer shows up but still seeing in the logs:我尝试删除 UI 中的 env 变量,它不再显示,但仍在日志中看到:
"Found credentials in environment variables." “在环境变量中找到凭据。”
I also tried using the update-function-code command without passing an env variable which doesn't work.我还尝试使用 update-function-code 命令而不传递不起作用的 env 变量。
Any way to remove the encrypted env variables from my lambda function configuration?有什么方法可以从我的 lambda 函数配置中删除加密的 env 变量? I want to ensure unused/unneeded things are removed.我想确保删除未使用/不需要的东西。
Thanks!谢谢!
I believe it is a standard output from the inner workings of python lambdas that use boto.我相信这是使用 boto 的 python lambdas 内部工作的标准输出。 None of my python Lambdas have credentials and yet I have the same message in all logs of python lambdas.我的 python Lambda 都没有凭据,但我在 python lambda 的所有日志中都有相同的消息。
The log message is coming from the "botocore" logger.日志消息来自“botocore”记录器。
This will effectively suppress that message and others from boto3
:这将有效地抑制来自boto3
的消息和其他消息:
logging.getLogger("boto3").setLevel(logging.WARNING)
logging.getLogger("botocore").setLevel(logging.WARNING)
I know it's a little late to this, but here is my understanding.我知道这有点晚了,但这是我的理解。
The statement "Found credentials in environment variables."语句“在环境变量中找到凭据”。 does not have anything to do with the environment variables you configured.与你配置的环境变量没有任何关系。 Apparently, Lambda has a set of reserved environment variables and when your code tries to connect to other AWS services (like S3, SNS etc), Lambda tries to read the credentials from reserved environment variables to make a connection to the other service and in the process logs the statement about where it found the credentials to "stdout"显然,Lambda 有一组保留的环境变量,当您的代码尝试连接到其他 AWS 服务(如 S3、SNS 等)时,Lambda 会尝试从保留的环境变量中读取凭证以建立与其他服务的连接,并在进程将有关它在何处找到凭据的声明记录到“stdout”
According to this article , when you have a logger configured with INFO level, then all the.info() statements by your code and the AWS SDK will be logged to "stdout" and thereby ending up in CloudWatch logs.根据这篇文章,当您有一个配置了 INFO 级别的记录器时,您的代码和 AWS SDK 的所有 .info() 语句都将记录到“stdout”,从而最终出现在 CloudWatch 日志中。 Try setting the logger level to WARNING and observe the logs.尝试将记录器级别设置为警告并观察日志。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.