发生错误:进行无服务器部署时收到 KeypairSecretRotationSchedule
An error occurred: KeypairSecretRotationSchedule received when doing serverless deploy
当我使用无服务器部署我的应用程序时
npx serverless deploy
收到错误
> Serverless Error ----------------------------------------
>
> An error occurred: KeypairSecretRotationSchedule - Rotation is
> blocked by pending secret version 2e0f7504-bc12-1234-3455-23f74aeabacf
> not created by rotation. Remove the AWSPENDING staging label and
> restart rotation. (Service: AWSSecretsManager; Status Code: 400; Error
> Code: InvalidRequestException; Request ID:
> adc85817-9744-4f94-9760-abf753205e92; Proxy: null).
所以,我执行了
D:\scripts>aws secretsmanager describe-secret --secret-id dev-rohit
收到输出
{
"ARN": "arn:aws:secretsmanager:ap-southeast-1:123456789012:secret:dev-rohit-jwt",
"Name": "c2p-dev-rohit-jwt-keypair",
"RotationEnabled": false,
"RotationLambdaARN": "arn:aws:lambda:ap-southeast-1:123456789012:function:dev-rohit",
"RotationRules": {
"AutomaticallyAfterDays": 30
},
"LastRotatedDate": "2021-08-01T10:39:02.132000+05:30",
"LastChangedDate": "2021-09-16T11:52:07.427000+05:30",
"LastAccessedDate": "2021-09-16T05:30:00+05:30",
"VersionIdsToStages": {
"2e0f7504-bc12-1234-3455-23f74aeabacf": [
"bed7",
"AWSPENDING"
],
"4ca2e0e8-56f1-4d3d-a234-3987a6e1044f": [
"AWSPREVIOUS",
"bed5"
],
"afffc3ac-12b5-2348-3274-23ae068c3515": [
"bed6",
"AWSCURRENT"
]
},
"CreatedDate": "2021-03-02T10:35:55.015000+05:30"
}
如何解决这个问题?
有人可以帮帮我吗?
这种轮换会在一段时间后自行发生,还是我必须做一些事情来解决?
D:\scripts>aws secretsmanager get-secret-value --secret-id dev-rohit-jwt --version-stage AWSPENDING
{
"ARN": "arn:aws:secretsmanager:ap-southeast-1:123456789012:secret:dev-rohit-jwt-keypair-BlGCxN",
"Name": "dev-rohit-jwt",
"VersionId": "2e0f7504-bc12-1234-3455-23f74aeabacf",
"SecretString": "{"publicKey":"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FDZ3dhYmZQSmJHV3FSTXdqV05LNApyWUkrUG9DRGNHbWRsaDJicTUvbDNwV0FqUUE0SmF4ZURLbkVaWEpUc2VyOGlwMlNoRHpVbU5BR1llSUpXZitxClB5VlJlR2RMSUtiQmNGTlhSU3pRV3JzcUlkUmZwT2lsSUp4cUE1QPdk0wcmsKSTI0Y1lXN3IxVHBncGpldnNRSURBUUFCCi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo=","privateKey":"LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUNkZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQW1Bd2dnSmNBZ0VBQW9HQkFLREJwdDg4bHNaYXBFek4KL05QOHRhTlkwcml0Z2o0K2dJTndhWjJXSFp1cm4rWGVsWUNOQURnbHJGNE1xY1JsY2xPeDZ2eUtuWktFUE5TWQowQVpoNGdsWi82by9KVkY0WjBzZ3BzRndVMWRGTE5CYXV5b2gxRitrNktVZ25Hb0RrSCtiZ3EvRXJBd3RtMUtjCmYyeWowNjh6U3VRamJoeGhidXZWT21DbU42K3hBZ01CQUFFQ2dZQm1hQmE2dlNrN2dNQ0xvT2svemd1VDNHQ1kKZndlcVNUeXEvckI1VUFqYWd6RmdTVFFwNlNqTG04dzdPWXZvYmN1djMzWlhuS0lXbFNEL09iM0RZeFdQWndyZApETE5CaWhCUHl4QURzMGxWaVZoNUd1WUpOdHdMOVZXWXZ4WVAvMFM1Y2xTYVJIbWtteWlrbXNISDI3WHF1cXRBCkF2M1ZNcVJOYVp2MTN2dUM5UUpCQU13R2FHR3RucktkZHgwbnNKL3dGbXBHdkdpaGNWaHVpSmkzOGRSSS9ZY0gKQ2hmVzlteDNMK0lhVTVtc1dyMzuTEhQRXlqVjVIckp4QWtFQXE5d2lPOG9FCnJsRXBMWU5DUDBSQWUvSXdUdkZLbVdrYm44Y3k4MWlIUHZ0Q0R0KzhLV2N6STdCQTZRV2tMd0NNQ0pOY2tDdlMKZG5QSzExQmNoZ3FXZHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="}",
"VersionStages": [
"kid7",
"AWSPENDING"
],
"CreatedDate": "2021-08-31T15:38:01.597000+05:30" }
D:\scripts>aws secretsmanager update-secret-version-stage --secret-id dev-rohit-jwt --version-stage AWSPENDING --remove-from-version-id 2e0f7504-bc12-1234-3455-23f74aeabacf
{
"ARN": "arn:aws:secretsmanager:ap-southeast-1:123456789012:secret:dev-rohit-jwt-keypair-BlGCxN",
"Name": "dev-rohit-jwt" }
现在测试带有 AWSPENDING 的密钥是否被删除
D:\scripts>aws secretsmanager get-secret-value --secret-id dev-rohit-jwt --version-stage AWSPENDING
An error occurred (ResourceNotFoundException) when calling the
GetSecretValue operation: Secrets Manager can't find the specified
secret value for staging label: AWSPENDING
现在再次尝试部署,它应该可以正常工作。
特别感谢@Shimo 的指导。
更多解释请参考@committedandroider answer AWS secrets manager, 'A previous rotation isn’t complete' when rotating secrets
当我使用无服务器部署我的应用程序时
npx serverless deploy
收到错误
> Serverless Error ---------------------------------------- > > An error occurred: KeypairSecretRotationSchedule - Rotation is > blocked by pending secret version 2e0f7504-bc12-1234-3455-23f74aeabacf > not created by rotation. Remove the AWSPENDING staging label and > restart rotation. (Service: AWSSecretsManager; Status Code: 400; Error > Code: InvalidRequestException; Request ID: > adc85817-9744-4f94-9760-abf753205e92; Proxy: null).
所以,我执行了
D:\scripts>aws secretsmanager describe-secret --secret-id dev-rohit
收到输出
{
"ARN": "arn:aws:secretsmanager:ap-southeast-1:123456789012:secret:dev-rohit-jwt",
"Name": "c2p-dev-rohit-jwt-keypair",
"RotationEnabled": false,
"RotationLambdaARN": "arn:aws:lambda:ap-southeast-1:123456789012:function:dev-rohit",
"RotationRules": {
"AutomaticallyAfterDays": 30
},
"LastRotatedDate": "2021-08-01T10:39:02.132000+05:30",
"LastChangedDate": "2021-09-16T11:52:07.427000+05:30",
"LastAccessedDate": "2021-09-16T05:30:00+05:30",
"VersionIdsToStages": {
"2e0f7504-bc12-1234-3455-23f74aeabacf": [
"bed7",
"AWSPENDING"
],
"4ca2e0e8-56f1-4d3d-a234-3987a6e1044f": [
"AWSPREVIOUS",
"bed5"
],
"afffc3ac-12b5-2348-3274-23ae068c3515": [
"bed6",
"AWSCURRENT"
]
},
"CreatedDate": "2021-03-02T10:35:55.015000+05:30"
}
如何解决这个问题? 有人可以帮帮我吗? 这种轮换会在一段时间后自行发生,还是我必须做一些事情来解决?
D:\scripts>aws secretsmanager get-secret-value --secret-id dev-rohit-jwt --version-stage AWSPENDING
{ "ARN": "arn:aws:secretsmanager:ap-southeast-1:123456789012:secret:dev-rohit-jwt-keypair-BlGCxN", "Name": "dev-rohit-jwt", "VersionId": "2e0f7504-bc12-1234-3455-23f74aeabacf", "SecretString": "{"publicKey":"LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FDZ3dhYmZQSmJHV3FSTXdqV05LNApyWUkrUG9DRGNHbWRsaDJicTUvbDNwV0FqUUE0SmF4ZURLbkVaWEpUc2VyOGlwMlNoRHpVbU5BR1llSUpXZitxClB5VlJlR2RMSUtiQmNGTlhSU3pRV3JzcUlkUmZwT2lsSUp4cUE1QPdk0wcmsKSTI0Y1lXN3IxVHBncGpldnNRSURBUUFCCi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo=","privateKey":"LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUNkZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQW1Bd2dnSmNBZ0VBQW9HQkFLREJwdDg4bHNaYXBFek4KL05QOHRhTlkwcml0Z2o0K2dJTndhWjJXSFp1cm4rWGVsWUNOQURnbHJGNE1xY1JsY2xPeDZ2eUtuWktFUE5TWQowQVpoNGdsWi82by9KVkY0WjBzZ3BzRndVMWRGTE5CYXV5b2gxRitrNktVZ25Hb0RrSCtiZ3EvRXJBd3RtMUtjCmYyeWowNjh6U3VRamJoeGhidXZWT21DbU42K3hBZ01CQUFFQ2dZQm1hQmE2dlNrN2dNQ0xvT2svemd1VDNHQ1kKZndlcVNUeXEvckI1VUFqYWd6RmdTVFFwNlNqTG04dzdPWXZvYmN1djMzWlhuS0lXbFNEL09iM0RZeFdQWndyZApETE5CaWhCUHl4QURzMGxWaVZoNUd1WUpOdHdMOVZXWXZ4WVAvMFM1Y2xTYVJIbWtteWlrbXNISDI3WHF1cXRBCkF2M1ZNcVJOYVp2MTN2dUM5UUpCQU13R2FHR3RucktkZHgwbnNKL3dGbXBHdkdpaGNWaHVpSmkzOGRSSS9ZY0gKQ2hmVzlteDNMK0lhVTVtc1dyMzuTEhQRXlqVjVIckp4QWtFQXE5d2lPOG9FCnJsRXBMWU5DUDBSQWUvSXdUdkZLbVdrYm44Y3k4MWlIUHZ0Q0R0KzhLV2N6STdCQTZRV2tMd0NNQ0pOY2tDdlMKZG5QSzExQmNoZ3FXZHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="}", "VersionStages": [ "kid7", "AWSPENDING" ], "CreatedDate": "2021-08-31T15:38:01.597000+05:30" }
D:\scripts>aws secretsmanager update-secret-version-stage --secret-id dev-rohit-jwt --version-stage AWSPENDING --remove-from-version-id 2e0f7504-bc12-1234-3455-23f74aeabacf
{ "ARN": "arn:aws:secretsmanager:ap-southeast-1:123456789012:secret:dev-rohit-jwt-keypair-BlGCxN", "Name": "dev-rohit-jwt" }
现在测试带有 AWSPENDING 的密钥是否被删除
D:\scripts>aws secretsmanager get-secret-value --secret-id dev-rohit-jwt --version-stage AWSPENDING
An error occurred (ResourceNotFoundException) when calling the GetSecretValue operation: Secrets Manager can't find the specified secret value for staging label: AWSPENDING
现在再次尝试部署,它应该可以正常工作。
特别感谢@Shimo 的指导。 更多解释请参考@committedandroider answer AWS secrets manager, 'A previous rotation isn’t complete' when rotating secrets