从 AWS Lambda 为使用计划创建 API 密钥
[英]Creating API key for Usage Plan from AWS Lambda
问题描述
I would like to create a new api key from lambda.
我想从 lambda 创建一个新的 api 密钥。 I have usage plan with my Gateway API, created with CF like:我的网关 API 有使用计划,使用 CF 创建,例如:
MyApi:
Type: AWS::Serverless::Api
Properties:
Auth:
UsagePlan:
UsagePlanName: MyUsagePlan
CreateUsagePlan: PER_API
...
...
Using this as a reference https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/APIGateway.html以此为参考https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/APIGateway.html
I guess the process in the lambda should be like this: - createApiKey - getUsagePlan - createUsagePlanKey我猜lambda中的流程应该是这样的: - createApiKey - getUsagePlan - createUsagePlanKey
In the lambda, I have MyApi id and I'm trying to fetch the api:在 lambda 中,我有 MyApi id,我正在尝试获取 api:
var apiGateway = new AWS.APIGateway({region: region});
const restApi = await new Promise((resolve, reject) => {
apiGateway.getRestApi({restApiId: MYAPI_ID}, function(err, data) {
if (err) {
console.log('getRestApi err', err, err.stack);
reject(err);
} else {
console.log('getRestApi', data);
resolve(data);
}
});
});
But this gets timed out by my lambda.但这会被我的 lambda 超时。
If I try to input values manually, it gets timed out as well:如果我尝试手动输入值,它也会超时:
const keyParams = {
keyId: 'xxxxxxxx',
keyType: 'API_KEY',
usagePlanId: 'yyyyyyyy'
};
const apiKey = await new Promise((resolve, reject) => {
apiGateway.createUsagePlanKey(keyParams, function (err, data) {
if (err) {
console.log('createUsagePlanKey err', err, err.stack);
reject(err);
} else {
console.log('createUsagePlanKey', data);
resolve(data);
}
});
});
Why do every function call to api get timed out and nothing gets printed in console.log?为什么对 api 的每个 function 调用都会超时,并且在 console.log 中没有打印任何内容? Is my approach ok or how should I create the new api key for a user?我的方法可以吗,或者我应该如何为用户创建新的 api 密钥?
Edited: Timeout for lambdas is 10 seconds and they run in VPC已编辑:lambda 的超时时间为 10 秒,它们在 VPC 中运行
1 个解决方案
解决方案1
1 2020-05-25 13:27:01
It sounds like you probably haven't configured your VPC to allow your Lambda function to access resources (like the AWS API) that exist outside the VPC.听起来您可能尚未将 VPC 配置为允许您的 Lambda function 访问存在于 VPC 之外的资源(如 AWS API)。 First, is it really necessary to run the function inside a VPC?首先,真的有必要在 VPC 中运行 function 吗? If not then removing it from the VPC should fix the issue.如果没有,那么从 VPC 中删除它应该可以解决问题。
If it is necessary to run the function in a VPC, then you will need to place your Lambda function inside a private subnet with a route to a NAT Gateway, or configure a VPC endpoint for the AWS services it needs to access.如果有必要在 VPC 中运行 function,那么您需要将 Lambda function 放置在私有子网中,该子网具有通往它需要访问的 AWS 服务端点的路由,或配置 VPC网关。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.