AWS Lambda 未向 AWS SQS DLQ 发送错误消息
AWS Lambda is not sending error messages to AWS SQS DLQ
我正在尝试通过 terraform 创建一个由 Kinesis 触发的 lambda,她在失败时的目标将是 AWS SQS。
我创建了 lambda 并配置了源和目标
当我向 Kinesis 队列发送消息时,lambda 被触发但没有向 DLQ 发送消息。
我错过了什么?
我的 labmda 源映射:
resource "aws_lambda_event_source_mapping" "csp_management_service_integration_stream_mapping" {
event_source_arn = local.kinesis_csp_management_service_integration_stream_arn
function_name = module.csp_management_service_integration_lambda.lambda_arn
batch_size = var.shared_kinesis_configuration.batch_size
bisect_batch_on_function_error = var.shared_kinesis_configuration.bisect_batch_on_function_error
starting_position = var.shared_kinesis_configuration.starting_position
maximum_retry_attempts = var.shared_kinesis_configuration.maximum_retry_attempts
maximum_record_age_in_seconds = var.shared_kinesis_configuration.maximum_record_age_in_seconds
function_response_types = var.shared_kinesis_configuration.function_response_types
destination_config {
on_failure {
destination_arn = local.shared_default_sqs_error_handling_dlq_arn
}
}
}
resource "aws_iam_policy" "shared_deadletter_sqs_queue_policy" {
name = "shared-deadletter-sqs-queue-policy"
path = "/"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = [
"sqs:SendMessage",
]
Effect = "Allow"
Resource = [
local.shared_default_sqs_error_handling_dlq_arn
]
},
]
})
}
我认为您遇到了一些权限问题,请尝试将角色附加到您的 lambda 函数以访问 AWS SQS DLQ。
你应该看看下面的指标,看看你是否有权限错误
你的DLQ是用KMS加密的吗?除了 SQS 权限之外,您还需要提供对 KMS 的最高权限
Lambda 报错是怎么回事?
我正在尝试通过 terraform 创建一个由 Kinesis 触发的 lambda,她在失败时的目标将是 AWS SQS。
我创建了 lambda 并配置了源和目标
当我向 Kinesis 队列发送消息时,lambda 被触发但没有向 DLQ 发送消息。
我错过了什么?
我的 labmda 源映射:
resource "aws_lambda_event_source_mapping" "csp_management_service_integration_stream_mapping" {
event_source_arn = local.kinesis_csp_management_service_integration_stream_arn
function_name = module.csp_management_service_integration_lambda.lambda_arn
batch_size = var.shared_kinesis_configuration.batch_size
bisect_batch_on_function_error = var.shared_kinesis_configuration.bisect_batch_on_function_error
starting_position = var.shared_kinesis_configuration.starting_position
maximum_retry_attempts = var.shared_kinesis_configuration.maximum_retry_attempts
maximum_record_age_in_seconds = var.shared_kinesis_configuration.maximum_record_age_in_seconds
function_response_types = var.shared_kinesis_configuration.function_response_types
destination_config {
on_failure {
destination_arn = local.shared_default_sqs_error_handling_dlq_arn
}
}
}
resource "aws_iam_policy" "shared_deadletter_sqs_queue_policy" {
name = "shared-deadletter-sqs-queue-policy"
path = "/"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = [
"sqs:SendMessage",
]
Effect = "Allow"
Resource = [
local.shared_default_sqs_error_handling_dlq_arn
]
},
]
})
}
我认为您遇到了一些权限问题,请尝试将角色附加到您的 lambda 函数以访问 AWS SQS DLQ。
你应该看看下面的指标,看看你是否有权限错误
你的DLQ是用KMS加密的吗?除了 SQS 权限之外,您还需要提供对 KMS 的最高权限
Lambda 报错是怎么回事?