S3 事件如何触发 VPC 中的 Lambda 函数?
[英]How can an S3 event trigger a Lambda Function in a VPC?
问题描述
I have one query.
我有一个查询。 I tried to google it but could not find the answer specific to my query.我试图用谷歌搜索,但找不到特定于我的查询的答案。
S3 is a global service. S3 是一项全球服务。 We can access it via the internet or using the VPC endpoint from our private network.我们可以通过 Internet 或使用我们的专用网络中的 VPC 端点访问它。 That I understand.我明白了。
If lambda functions are present inside VPC.如果 VPC 中存在 lambda 函数。 Then how does s3 event trigger lambda functions?那么s3事件是如何触发lambda函数的呢?
1 个解决方案
解决方案1
2 已采纳 2022-05-13 07:09:15
You have to differentiate between the Lambda Service, a Lambda Function, and an Execution Context.您必须区分 Lambda 服务、Lambda 函数和执行上下文。
The Lambda service operates the Lambda functions, and an Execution Context is an instance of a Lambda Function. Lambda 服务操作 Lambda 函数,Execution Context 是 Lambda 函数的一个实例。 Only the Execution Context is located in the VPC.只有执行上下文位于 VPC 中。 The rest of the components reside outside of it.其余组件位于其外部。 The Lambda service can always communicate with the Execution Contexts of any particular Lambda Function to pass events to it and monitor the execution. Lambda 服务始终可以与任何特定 Lambda 函数的执行上下文通信,以将事件传递给它并监控执行。 It does that through a private channel and not through the VPC.它通过私有渠道而不是通过 VPC 来实现。
S3 is also not really a global service. S3 也不是真正的全球服务。 The buckets and APIs reside in specific regions.存储桶和 API 位于特定区域。 It has a global namespace, meaning that bucket names have to be globally unique.它有一个全局命名空间,这意味着存储桶名称必须是全局唯一的。 This means some APIs will do "global checks", but when S3 acts, it acts inside of a region.这意味着一些 API 会进行“全局检查”,但是当 S3 起作用时,它会在一个区域内起作用。
Let's talk through what happens in the S3-Lambda integration.让我们讨论一下 S3-Lambda 集成中发生的情况。 When an event happens in a bucket (eg an object is created), the S3 service checks, which endpoints are interested in this event.当存储桶中发生事件(例如创建对象)时,S3 服务会检查哪些端点对此事件感兴趣。 If you want to send an event to a Lambda function, it has to be in the same region as the bucket.如果要将事件发送到 Lambda 函数,它必须与存储桶位于同一区域。 S3 will then contact the Lambda service and tell it to invoke the Lambda function with this specific event.然后,S3 将联系 Lambda 服务并告诉它使用此特定事件调用 Lambda 函数。 S3 doesn't care about the results here. S3 不关心这里的结果。
This is where Lambda takes over.这就是 Lambda 接管的地方。 The service checks if S3 is permitted to invoke the function in question.该服务检查是否允许 S3 调用相关函数。 If that's the case, it will check for existing Execution Contexts for that function that aren't busy.如果是这种情况,它将检查不忙的该功能的现有执行上下文。 Once it finds one, it sends the event to the Execution Context, which is executed inside the VPC and can access resources in the VPC.一旦找到,它将事件发送到执行上下文,该执行上下文在 VPC 内部执行,并且可以访问 VPC 中的资源。
Assuming everything goes well, this is how it ends, otherwise, Lambda will retry the event in another Execution Context.假设一切顺利,这就是它的结束方式,否则,Lambda 将在另一个执行上下文中重试该事件。
References参考
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.