我正试图使用sam本地调用在本地测试我的lambda函数。错误显示UnknowEndpoint:不可访问的主机:未定义secretsmanager.us-east-1.amazonaws.com' at port这个错误是从我的lambda函数代码内部抛出的,因为我就是从中提取机密的。我也尝试过使用--region-profile选项,但没有成功。就上下文而言,我使用terraform来设计和部署我的基础设施。使用SAML Authorization with Credentials文件让AWS访问我们的VPC环境。当SAM启动Lambda docker容器时,我已经验证了区域设置是否正确。我还验证了我为Lambda提供的参数与VPC版本中运行的密钥管理器相同。
我唯一看到的奇怪的是控制台中的端口未定义,似乎它来自AWS SDK的内部。请注意,当我使用由我们公司的云工程团队创建的机密管理器地形模块时,我不必提供任何端口信息。希望有人能帮助解释这个问题的错误。
USACCMNBSTEMD6R:balance-inquiry czl74b$ sam local invoke -t ./sam-local/template.yaml -e ./sam-local/event.json --debug
2022-01-06 17:23:29,736 | Telemetry endpoint configured to be https://aws-serverless-tools-telemetry.us-west-2.amazonaws.com/metrics
2022-01-06 17:23:29,736 | Using config file: samconfig.toml, config environment: default
2022-01-06 17:23:29,736 | Expand command line arguments to:
2022-01-06 17:23:29,736 | --template_file=/Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local/template.yaml --event=./sam-local/event.json --no_event --layer_cache_basedir=/Users/czl74b/.aws-sam/layers-pkg --container_host=localhost --container_host_interface=127.0.0.1
2022-01-06 17:23:29,736 | local invoke command is called
2022-01-06 17:23:29,743 | No Parameters detected in the template
2022-01-06 17:23:29,761 | There is no customer defined id or cdk path defined for resource BalanceInquiry, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,761 | There is no customer defined id or cdk path defined for resource CommonUtils, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,761 | There is no customer defined id or cdk path defined for resource NpmLibs, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,761 | 3 stacks found in the template
2022-01-06 17:23:29,762 | No Parameters detected in the template
2022-01-06 17:23:29,774 | There is no customer defined id or cdk path defined for resource BalanceInquiry, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,774 | There is no customer defined id or cdk path defined for resource CommonUtils, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,774 | There is no customer defined id or cdk path defined for resource NpmLibs, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,775 | 3 resources found in the stack
2022-01-06 17:23:29,775 | No Parameters detected in the template
2022-01-06 17:23:29,790 | There is no customer defined id or cdk path defined for resource BalanceInquiry, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,790 | There is no customer defined id or cdk path defined for resource CommonUtils, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,790 | There is no customer defined id or cdk path defined for resource NpmLibs, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,790 | No Parameters detected in the template
2022-01-06 17:23:29,802 | There is no customer defined id or cdk path defined for resource BalanceInquiry, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,802 | There is no customer defined id or cdk path defined for resource CommonUtils, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,803 | There is no customer defined id or cdk path defined for resource NpmLibs, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,803 | --base-dir is not presented, adjusting uri ../../../../common-utils relative to /Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local/template.yaml
2022-01-06 17:23:29,803 | No Parameters detected in the template
2022-01-06 17:23:29,815 | There is no customer defined id or cdk path defined for resource BalanceInquiry, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,815 | There is no customer defined id or cdk path defined for resource CommonUtils, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,815 | There is no customer defined id or cdk path defined for resource NpmLibs, so we will use the resource logical id as the resource id
2022-01-06 17:23:29,815 | --base-dir is not presented, adjusting uri ../../../../npm-libs relative to /Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local/template.yaml
2022-01-06 17:23:29,815 | Found Serverless function with name='BalanceInquiry' and CodeUri='../'
2022-01-06 17:23:29,816 | --base-dir is not presented, adjusting uri ../ relative to /Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local/template.yaml
2022-01-06 17:23:29,840 | Found one Lambda function with name 'BalanceInquiry'
2022-01-06 17:23:29,840 | Invoking main.handler (nodejs14.x)
2022-01-06 17:23:29,840 | Environment variables overrides data is standard format
2022-01-06 17:23:29,840 | Loading AWS credentials from session with profile 'None'
2022-01-06 17:23:29,850 | Resolving code path. Cwd=/Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local, CodeUri=/Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry
2022-01-06 17:23:29,850 | Resolved absolute path to code is /Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry
2022-01-06 17:23:29,850 | Code /Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry is not a zip/jar file
2022-01-06 17:23:29,850 | Code /Users/czl74b/dev-js/lending-api-innovation/src/common-utils is not a zip/jar file
2022-01-06 17:23:29,850 | Code /Users/czl74b/dev-js/lending-api-innovation/src/npm-libs is not a zip/jar file
2022-01-06 17:23:29,850 | CommonUtils is a local Layer in the template
2022-01-06 17:23:29,850 | Resolving code path. Cwd=/Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local, CodeUri=/Users/czl74b/dev-js/lending-api-innovation/src/common-utils
2022-01-06 17:23:29,850 | NpmLibs is a local Layer in the template
2022-01-06 17:23:29,850 | Resolving code path. Cwd=/Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry/sam-local, CodeUri=/Users/czl74b/dev-js/lending-api-innovation/src/npm-libs
2022-01-06 17:23:29,851 | arn:aws:lambda:us-east-1:027255383542:layer:AWS-AppConfig-Extension:55 is already cached. Skipping download
Building image................................
2022-01-06 17:23:41,146 | Skip pulling image and use local one: samcli/lambda:nodejs14.x-x86_64-d5b52b0afc3579e405e95c7df.
2022-01-06 17:23:41,146 | Mounting /Users/czl74b/dev-js/lending-api-innovation/src/apis/sor/balance-inquiry as /var/task:ro,delegated inside runtime container
2022-01-06 17:23:41,598 | Starting a timer for 3 seconds for function 'BalanceInquiry'
START RequestId: 3b9f7abb-02d1-46e8-8b6b-321f9e5467ed Version: $LATEST
2022-01-07T00:23:43.539Z 3b9f7abb-02d1-46e8-8b6b-321f9e5467ed INFO getSecrets :: getSecretValue Error: UnknownEndpoint: Inaccessible host: `secretsmanager.us-east-1.amazonaws.com' at port 'undefined'. This service may not be available in the `us-east-1' region.
SAM本地调用将lambda函数作为docker容器运行。如果在公司代理之后,此lambda中的AWS SDK需要设置代理才能与实际的AWS服务进行通信。我能够通过使用代理npm模块来解决问题。你可以在这里阅读。
https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-configuring-proxies.html
以下是代码中的情况。
const AWS = require('aws-sdk');
const { HTTP_PROXY, LOCAL } = process.env;
if(LOCAL === 'TRUE'){
// lazy load proxy-agent only in LOCAL for sam local testing
const proxy = require('proxy-agent');
AWS.config.update({ httpOptions: { agent: proxy(HTTP_PROXY>) }});
}