我有一些javascript在我的本地机器上运行,但在Lambda内无效。
I've got a bit of javascript which runs on my local machine but doesn't work from within the Lambda.
调用 cognitoidentity.getOpenIdTokenForDeveloperIdentity
{ "errorMessage": "2016-03-17T16:50:25.181Z 4fa3fa5a-ec60-11e5-8316-415fa39313da Task timed out after 15.00 seconds" }在本地它工作正常(调用AWS生产服务)所以它必须是我附加到Lambda的策略。
On local it works fine (calling into AWS production services) so it must be the policy I have attached to the Lambda.
以下是政策我有:
AmazonCognitoDeveloperAuthenticatedIdentities
AWSLambdaVPCAccessExecutionRole
这是我也有的自定义:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "mobileanalytics:PutEvents", "cognito-sync:*" ], "Resource": [ "*" ] }, { "Effect": "Allow", "Action": [ "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:eu-west-1:myaccountid:function:users_login" ] } ] }Lambda ARN直接从该Lambda屏幕复制。什么缺失的想法?
The Lambda ARN was copied directly from that Lambda screen. Any ideas of what's missing?
推荐答案
它必须是我附加的政策
it must be the policy I have attached
不,如果是这种情况,您将收到权限被拒绝错误,而不是超时。
No, if that were the case you would be getting a permission denied error, not a timeout.
看起来您的Lambda函数具有VPC访问权限。您需要为VPC配置NAT网关,以便Lambda函数可以访问VPC之外的任何内容,包括Cognito等AWS服务。
It looks like your Lambda function has VPC access. You need to configure a NAT gateway for your VPC in order for the Lambda function to have access to anything outside the VPC, including AWS services like Cognito.
更多推荐
AWS Lambda无法调用Cognito Identity
发布评论