Paulo
01/24/2021, 6:29 PMgetSecretValue()
being the cause as far as I understand.
It's very weird because:
• All the functions are in the same serverless.yml
and share the same VPC configuration (which is already set up to allow internet access) and the other functions with the same type of calls (SecretsManager, RDS, and external addresses) work perfectly;
• It doesn't seem to be an external access problem because the HTTP calls to the Internet work fine, only the secrets manager get stuck;
• I noticed that if I change the internet address I'm calling for another (e.g. google.com) it works without timing out the getSecretValue()
call.
• Since the external address, in this case, is another lambda, I tested calling it directly by using the AWS SDK instead of making an HTTP request (via axios), but in this case, the timeout happens again :S
Any clues? Has anyone already passed for a similar problem?Ross Coundon
01/24/2021, 6:31 PMPaulo
01/24/2021, 8:03 PMRoss Coundon
01/24/2021, 8:09 PMPaulo
01/24/2021, 8:33 PMFrank
Ross Coundon
01/24/2021, 8:35 PMEffect:
'Allow',
Action: [
'kms:Decrypt',
'kms:GenerateDataKey*',
'kms:DescribeKey*',
],
Resource: theparameterpath
But I get the issue that access to the key isn’t allowed. I then end up going into the KMS console in AWS to specify the role as a user of the keyFrank
Ross Coundon
01/24/2021, 8:49 PM