在学习 Lambda 时触发套接字超时
Cognito Lambda trigger socket timeout
我的认知资源上有一个用于预注册触发器的 Lambda 触发器。
我遇到套接字超时问题,但没有找到很多相关文档
{
"err": {
"code": "UnexpectedLambdaException",
"name": "UnexpectedLambdaException",
"message": "arn:aws:lambda:region-arn:function:confirm failed with error Socket timeout while invoking Lambda function."
}
}
我的资源是这样定义的:
"ConfirmPermission" : {
"Type" : "AWS::Lambda::Permission",
"Properties" : {
"Action" : "lambda:InvokeFunction",
"FunctionName" : { "Fn::GetAtt" : [ "confirm", "Arn" ] },
"Principal" : "cognito-idp.amazonaws.com",
"SourceArn" : { "Fn::GetAtt" : [ "Auth", "Arn" ] }
}
},
"confirm" : {
"Type": "AWS::Serverless::Function",
"Properties": {
"Handler": "index.confirm",
"Runtime": "nodejs8.10",
"CodeUri": "./src",
"FunctionName": "confirm",
"ReservedConcurrentExecutions" : 15,
"Timeout": 50,
"Role": "arn:aws:iam::arn:role/lambda-vpc-role"
}
},
"AuthApp" : {
"Type" : "AWS::Cognito::UserPoolClient",
"Properties" : {
"UserPoolId" : {"Ref" : "Auth"}
}
},
"Auth" : {
"Type" : "AWS::Cognito::UserPool",
"Properties": {
"LambdaConfig" : {
"PreSignUp" : { "Fn::GetAtt" : [ "confirm", "Arn" ] }
},
"Schema" : [
{
"AttributeDataType": "String",
"Name": "email",
"Mutable": true,
"Required": true
},
{
"AttributeDataType": "String",
"Name": "family_name",
"Mutable": true,
"Required": true
},
{
"AttributeDataType": "String",
"Name": "given_name",
"Mutable": true,
"Required": true
}
],
"UsernameAttributes": ["email"]
}
}
Lambda 函数:
index.js
let signIn = require('Auth/Auth.js');
exports.signIn = signIn.signIn;
exports.signUp = signIn.signUp;
exports.confirm = signIn.confirm;
注册/确认
exports.signUp = async (event, context) => {
var body = JSON.parse(event.body);
var emailAttribute = {
Name : 'email',
Value: body.email
};
var firstNameAttribute = {
Name: 'given_name',
Value: body.firstName
};
var lastNameAttribute = {
Name: 'family_name',
Value: body.lastName
};
var attributeList = [emailAttribute, firstNameAttribute, lastNameAttribute];
try {
var cognitoUser = await cognitoSignUp(body, attributeList);
return {
statusCode : 200,
body : JSON.stringify({res : cognitoUser})
};
} catch(e) {
return {
statusCode : 500,
body : JSON.stringify({err : e})
};
}
}
exports.confirm = (event, context, callback) => {
event.response.autoConfirmUser = true;
callback(null, event);
return;
}
var cognitoSignUp = (body, attributeList) => new Promise((acc, rej) => {
userPool.signUp(body.email, body.password, attributeList, null, function(err, res) {
if (err) {
console.log('ERROR');
console.log(err);
rej(err);
} else {
console.log('SUCCSSS');
acc(res);
}
});
});
知道是什么原因造成的吗?
您可以将函数的超时增加到 15 分 900 秒,如下所示...
"confirm" : {
"Type": "AWS::Serverless::Function",
"Properties": {
"Handler": "index.confirm",
"Runtime": "nodejs8.10",
"CodeUri": "./src",
"FunctionName": "confirm",
"ReservedConcurrentExecutions" : 15,
"Timeout": 900,
"Role": "arn:aws:iam::arn:role/lambda-vpc-role"
}
},
除非您要对某些内容进行编码 运行 一些冗长的分析,否则您可能甚至不需要 50 秒,更不用说 15 分钟了。你应该检查你的日志某处是否有错误,并确保你正在调用...
callback(null, event);
来自 Lambda 的 return 响应。
事实证明,这是因为确认功能具有阻止网络请求的 aws 资源的 IAM 角色。我不需要此功能的 IAM 角色。删除它后,它可以完美运行。如果你确实需要资源访问,那么你必须使用 nat 网关
在此处查看更多内容:
https://gist.github.com/reggi/dc5f2620b7b4f515e68e46255ac042a7
我的认知资源上有一个用于预注册触发器的 Lambda 触发器。
我遇到套接字超时问题,但没有找到很多相关文档
{
"err": {
"code": "UnexpectedLambdaException",
"name": "UnexpectedLambdaException",
"message": "arn:aws:lambda:region-arn:function:confirm failed with error Socket timeout while invoking Lambda function."
}
}
我的资源是这样定义的:
"ConfirmPermission" : {
"Type" : "AWS::Lambda::Permission",
"Properties" : {
"Action" : "lambda:InvokeFunction",
"FunctionName" : { "Fn::GetAtt" : [ "confirm", "Arn" ] },
"Principal" : "cognito-idp.amazonaws.com",
"SourceArn" : { "Fn::GetAtt" : [ "Auth", "Arn" ] }
}
},
"confirm" : {
"Type": "AWS::Serverless::Function",
"Properties": {
"Handler": "index.confirm",
"Runtime": "nodejs8.10",
"CodeUri": "./src",
"FunctionName": "confirm",
"ReservedConcurrentExecutions" : 15,
"Timeout": 50,
"Role": "arn:aws:iam::arn:role/lambda-vpc-role"
}
},
"AuthApp" : {
"Type" : "AWS::Cognito::UserPoolClient",
"Properties" : {
"UserPoolId" : {"Ref" : "Auth"}
}
},
"Auth" : {
"Type" : "AWS::Cognito::UserPool",
"Properties": {
"LambdaConfig" : {
"PreSignUp" : { "Fn::GetAtt" : [ "confirm", "Arn" ] }
},
"Schema" : [
{
"AttributeDataType": "String",
"Name": "email",
"Mutable": true,
"Required": true
},
{
"AttributeDataType": "String",
"Name": "family_name",
"Mutable": true,
"Required": true
},
{
"AttributeDataType": "String",
"Name": "given_name",
"Mutable": true,
"Required": true
}
],
"UsernameAttributes": ["email"]
}
}
Lambda 函数:
index.js
let signIn = require('Auth/Auth.js');
exports.signIn = signIn.signIn;
exports.signUp = signIn.signUp;
exports.confirm = signIn.confirm;
注册/确认
exports.signUp = async (event, context) => {
var body = JSON.parse(event.body);
var emailAttribute = {
Name : 'email',
Value: body.email
};
var firstNameAttribute = {
Name: 'given_name',
Value: body.firstName
};
var lastNameAttribute = {
Name: 'family_name',
Value: body.lastName
};
var attributeList = [emailAttribute, firstNameAttribute, lastNameAttribute];
try {
var cognitoUser = await cognitoSignUp(body, attributeList);
return {
statusCode : 200,
body : JSON.stringify({res : cognitoUser})
};
} catch(e) {
return {
statusCode : 500,
body : JSON.stringify({err : e})
};
}
}
exports.confirm = (event, context, callback) => {
event.response.autoConfirmUser = true;
callback(null, event);
return;
}
var cognitoSignUp = (body, attributeList) => new Promise((acc, rej) => {
userPool.signUp(body.email, body.password, attributeList, null, function(err, res) {
if (err) {
console.log('ERROR');
console.log(err);
rej(err);
} else {
console.log('SUCCSSS');
acc(res);
}
});
});
知道是什么原因造成的吗?
您可以将函数的超时增加到 15 分 900 秒,如下所示...
"confirm" : {
"Type": "AWS::Serverless::Function",
"Properties": {
"Handler": "index.confirm",
"Runtime": "nodejs8.10",
"CodeUri": "./src",
"FunctionName": "confirm",
"ReservedConcurrentExecutions" : 15,
"Timeout": 900,
"Role": "arn:aws:iam::arn:role/lambda-vpc-role"
}
},
除非您要对某些内容进行编码 运行 一些冗长的分析,否则您可能甚至不需要 50 秒,更不用说 15 分钟了。你应该检查你的日志某处是否有错误,并确保你正在调用...
callback(null, event);
来自 Lambda 的 return 响应。
事实证明,这是因为确认功能具有阻止网络请求的 aws 资源的 IAM 角色。我不需要此功能的 IAM 角色。删除它后,它可以完美运行。如果你确实需要资源访问,那么你必须使用 nat 网关
在此处查看更多内容:
https://gist.github.com/reggi/dc5f2620b7b4f515e68e46255ac042a7