Cannot retrieve data on S3 Bucket from a deployed lambda

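I invoke a step function from a lambda function; it processes data and stores them in an S3 bucket. Within this lambda function, I then try to download the data, but I get an "AccessDenied" error message (see details below).

If I run this lambda function a second time, I don't get any error and the execution terminates successfully. My understanding is that during the first run, the data are not yet stored when I try to download them, which would explain why it works fine on my second attempt.

I am using async/await pairs, thinking that this would be enough to hold the execution while waiting for the data to be stored. Am I doing something wrong?

Here is an excerpt of the code (the step function is not detailed here):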

async function downloadData(){
    var rawData = await s3.getObject({Bucket: 'myBucket/', Key: 'myData.json'}).promise();
    var data = JSON.parse(rawData.Body.toString('utf-8'));
    return data;
}

async function invokeStepFunction(){
    const stepfunctions = new AWS.StepFunctions();
    var params = {
        stateMachineArn: process.env.state_machine_arn,
        input: JSON.stringify({"Bucket": 'myBucket/'})
    };
    await stepfunctions.startExecution(params).promise();
}

const AWS = require('aws-sdk');
AWS.config.update({region: process.env.region});
const s3 = new AWS.S3({apiVersion: '2006-03-01'});

module.exports.handler = async (event, context) => {
    await invokeStepFunction();
    const data = await downloadData();
    console.log(data);
}

Here is the error message:

{"errorType":"AccessDenied","errorMessage":"AccessDenied","code":"AccessDenied","message":"AccessDenied","region":null,"time":"2020-03-25T13:13:20.832Z","requestId":"...","extendedRequestId":"...","statusCode":403,"retryable":false,"retryDelay":91.97041111587372,"stack":["AccessDenied: Access Denied","    at Request.extractError (/var/runtime/node_modules/aws-sdk/lib/services/s3.js:816:35)","    at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:106:20)","    at Request.emit (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:78:10)","    at Request.emit (/var/runtime/node_modules/aws-sdk/lib/request.js:683:14)","    at Request.transition (/var/runtime/node_modules/aws-sdk/lib/request.js:22:10)","    at AcceptorStateMachine.runTo (/var/runtime/node_modules/aws-sdk/lib/state_machine.js:14:12)","    at /var/runtime/node_modules/aws-sdk/lib/state_machine.js:26:10","    at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:38:9)","    at Request.<anonymous> (/var/runtime/node_modules/aws-sdk/lib/request.js:685:12)","    at Request.callListeners (/var/runtime/node_modules/aws-sdk/lib/sequential_executor.js:116:18)"]}

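When you await the Step Functions startExecution call, you are waiting for AWS Step Functions to indicate that it has received your request to start executing the Step Function. It does not mean that the Step Function itself has finished running.

Therefore, you are executing downloadData before the Step Function has actually stored the data in S3, and the file does not exist in S3 the first time. When you invoke it later, downloadData appears to succeed, but it is almost certainly downloading the object that was stored in S3 previously (from the first run).

You need to execute the download step at some point after the download has actually happened. For example, you could make the download an additional step at the end of the uploading Step Function.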
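
A way to wait inside the Lambda instead, as an added example that is not code from the question or the answer: it polls describeExecution until the execution leaves RUNNING and only then calls getObject. The clients are passed in by the caller, and the function names, polling interval and timeout are assumptions.

```javascript
// Added example. `sfn` and `s3` are AWS SDK v2 clients created by the caller
// (new AWS.StepFunctions(), new AWS.S3()); interval and timeout values are assumptions.
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Poll describeExecution until the execution leaves RUNNING or the deadline passes.
async function waitForExecution(sfn, executionArn, { intervalMs = 2000, timeoutMs = 60000 } = {}) {
    const deadline = Date.now() + timeoutMs;
    for (;;) {
        const { status, output } = await sfn.describeExecution({ executionArn }).promise();
        if (status === 'SUCCEEDED') return output;
        // FAILED, TIMED_OUT and ABORTED are terminal: the object will never be written.
        if (status !== 'RUNNING') throw new Error(`Execution ended with status ${status}`);
        if (Date.now() + intervalMs > deadline) throw new Error('Timed out waiting for execution');
        await sleep(intervalMs);
    }
}

async function runAndDownload(sfn, s3, { stateMachineArn, bucket, key, wait }) {
    // startExecution resolves once the request is accepted, not when the run completes.
    const { executionArn } = await sfn.startExecution({
        stateMachineArn,
        input: JSON.stringify({ Bucket: bucket }),
    }).promise();
    await waitForExecution(sfn, executionArn, wait);
    // Only now is the object expected to exist. For a missing key, S3 answers
    // 403 AccessDenied rather than 404 when the caller lacks s3:ListBucket.
    const raw = await s3.getObject({ Bucket: bucket, Key: key }).promise();
    return JSON.parse(raw.Body.toString('utf-8'));
}
```

The Lambda's own timeout has to exceed the polling timeout, and its role needs states:DescribeExecution in addition to states:StartExecution.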