使用 AWS Lambda 创建物联网策略
Create IoT Policy with AWS Lambda
我正在尝试在 AWS Lambda 中创建 IoT 策略。我当前的 Lambda 函数如下所示:
"use strict";
const AWS = require("aws-sdk");
AWS.config.update({ region: "eu-central-1" });
var iot = new AWS.Iot();
exports.handler = async (event, context) => {
var params = {
policyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:xxxxx:client/sander"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:xxxx:topicfilter/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topicfilter/$aws/things/HeikoBohrmaschine/shadow/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": [
"arn:aws:iot:xxxx:topic/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topic/$aws/things/HeikoBohrmaschine/shadow/*"
]
}
]
}`,
policyName: 'sander1231564654654654',
};
try{
iot.createPolicy(params, function (err, data) {
if (err) console.log(err, err); // an error occurred
else {
console.log("test")
console.log(data);
return {
headers: {
"Access-Control-Allow-Origin": "*", // Required for CORS support to work
"Access-Control-Allow-Credentials": true // Required for cookies, authorization headers with HTTPS
},
statusCode: 200,
body: JSON.stringify(data)
};
}
});
}
catch(e){
console.log(e);
}
};
lambda 函数只是 returns null,甚至没有进入 iot.createPolicy() 的回调函数。我也没有试过就试过了。同样的问题。没有正确的错误。我正在使用此文档:https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Iot.html#createPolicy-property
我认为原因是您的函数 returns 在它有机会 运行 您的 iot 部分之前。这是因为 async handlers:
If your code performs an asynchronous task, return a promise to make sure that it finishes running. When you resolve or reject the promise, Lambda sends the response or error to the invoker.
要克服这个问题,您可以使用 const promise = new Promise(...),如 docs 中所示。
我修改了代码以使用 Promise 模式(见下文)。我不能保证它完全有效,但您的函数现在应该能够执行 iot.createPolicy 部分。
"use strict";
const AWS = require("aws-sdk");
AWS.config.update({ region: "eu-central-1" });
var iot = new AWS.Iot();
exports.handler = async (event, context) => {
var params = {
policyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:xxxxx:client/sander"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:xxxx:topicfilter/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topicfilter/$aws/things/HeikoBohrmaschine/shadow/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": [
"arn:aws:iot:xxxx:topic/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topic/$aws/things/HeikoBohrmaschine/shadow/*"
]
}
]
}`,
policyName: 'sander1231564654654654',
};
const promise = new Promise(function(resolve, reject) {
try{
console.log(params);
iot.createPolicy(params, function (err, data) {
if (err) {
console.log(err, err); // an error occurred
reject(Error(err));
}
else {
console.log("test")
console.log(data);
resolve({
headers: {
"Access-Control-Allow-Origin": "*", // Required for CORS support to work
"Access-Control-Allow-Credentials": true // Required for cookies, authorization headers with HTTPS
},
statusCode: 200,
body: JSON.stringify(data)
});
}
});
}
catch(e){
console.log(e);
}
})
return promise
};
我正在尝试在 AWS Lambda 中创建 IoT 策略。我当前的 Lambda 函数如下所示:
"use strict";
const AWS = require("aws-sdk");
AWS.config.update({ region: "eu-central-1" });
var iot = new AWS.Iot();
exports.handler = async (event, context) => {
var params = {
policyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:xxxxx:client/sander"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:xxxx:topicfilter/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topicfilter/$aws/things/HeikoBohrmaschine/shadow/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": [
"arn:aws:iot:xxxx:topic/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topic/$aws/things/HeikoBohrmaschine/shadow/*"
]
}
]
}`,
policyName: 'sander1231564654654654',
};
try{
iot.createPolicy(params, function (err, data) {
if (err) console.log(err, err); // an error occurred
else {
console.log("test")
console.log(data);
return {
headers: {
"Access-Control-Allow-Origin": "*", // Required for CORS support to work
"Access-Control-Allow-Credentials": true // Required for cookies, authorization headers with HTTPS
},
statusCode: 200,
body: JSON.stringify(data)
};
}
});
}
catch(e){
console.log(e);
}
};
lambda 函数只是 returns null,甚至没有进入 iot.createPolicy() 的回调函数。我也没有试过就试过了。同样的问题。没有正确的错误。我正在使用此文档:https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Iot.html#createPolicy-property
我认为原因是您的函数 returns 在它有机会 运行 您的 iot 部分之前。这是因为 async handlers:
If your code performs an asynchronous task, return a promise to make sure that it finishes running. When you resolve or reject the promise, Lambda sends the response or error to the invoker.
要克服这个问题,您可以使用 const promise = new Promise(...),如 docs 中所示。
我修改了代码以使用 Promise 模式(见下文)。我不能保证它完全有效,但您的函数现在应该能够执行 iot.createPolicy 部分。
"use strict";
const AWS = require("aws-sdk");
AWS.config.update({ region: "eu-central-1" });
var iot = new AWS.Iot();
exports.handler = async (event, context) => {
var params = {
policyDocument: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:xxxxx:client/sander"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:xxxx:topicfilter/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topicfilter/$aws/things/HeikoBohrmaschine/shadow/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": [
"arn:aws:iot:xxxx:topic/$aws/things/ManuelBohrmaschine/shadow/*",
"arn:aws:iot:xxxx:topic/$aws/things/HeikoBohrmaschine/shadow/*"
]
}
]
}`,
policyName: 'sander1231564654654654',
};
const promise = new Promise(function(resolve, reject) {
try{
console.log(params);
iot.createPolicy(params, function (err, data) {
if (err) {
console.log(err, err); // an error occurred
reject(Error(err));
}
else {
console.log("test")
console.log(data);
resolve({
headers: {
"Access-Control-Allow-Origin": "*", // Required for CORS support to work
"Access-Control-Allow-Credentials": true // Required for cookies, authorization headers with HTTPS
},
statusCode: 200,
body: JSON.stringify(data)
});
}
});
}
catch(e){
console.log(e);
}
})
return promise
};