Всякий раз, когда я тестирую лямбда-функцию в консоли, она отлично работает.Только когда я пытаюсь автоматизировать триггер моей лямбда-функции (путем создания нового VPC), я получаю сообщение об ошибке.Честно говоря, не уверен, что не так и хотел бы помочь.Спасибо!
Лямбда-функция:
exports.lambda_handler = async function(event, context, callback) {
const AWS = require('aws-sdk');
const id = event.responseElements.vpc.vpcId;
const aws_accountid = process.env.aws_accountid;
const aws_region = process.env.AWS_REGION;
const logrole = process.env.stack_logrole;
const logdest_arn = 'arn:aws:logs:' + aws_region + ':' + aws_accountid + ':log-group:/aws/vpc/' + aws_accountid + '/flowlogs:*';
const logrole_arn = 'arn:aws:iam::' + aws_accountid + ':role/' + logrole;
const ec2 = new AWS.EC2({apiVersion: '2016-11-15', region: aws_region});
const params = {
ResourceIds: [id],
ResourceType: 'VPC',
TrafficType: 'ALL',
LogDestination: logdest_arn,
DeliverLogsPermissionArn: logrole_arn,
LogDestinationType: 'cloud-watch-logs'
};
ec2.createFlowLogs(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
callback(null, "Flow Logs were enabled on " + id);
};
Ошибка:
{
"errorMessage": "Cannot read property 'vpc' of undefined",
"errorType": "TypeError",
"stackTrace": [
"exports.lambda_handler (/var/task/index.js:4:37)"
]
}
Итак, я включил регистрацию события, чтобы увидеть, что я получаю от CloudWatch (всего сопоставленного события):
responseElements:
{ requestId: 'accda467-e955-4e39-918e-d6ebc1169679',
vpc: [Object] },
requestID: 'accda467-e955-4e39-918e-d6ebc1169679',
eventID: '9eaba092-e716-4f7d-87b0-f99efc1c376a',
eventType: 'AwsApiCall' } }
Событие, использованное для проверки:
{
"eventVersion": "1.05",
"userIdentity": {
"type": "AssumedRole",
"principalId": "xxxxxxxxxxxxxx:xxxxxxxxxxxx",
"arn": "arn:aws:sts::xxxxxxxxxx:assumed-role/xxxxxxxxxxx/xxxxxxxxxxxx",
"accountId": "xxxxxxxxxxxxxx",
"accessKeyId": "xxxxxxxxxxxx",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "true",
"creationDate": "xxxxxxxxxx"
},
"sessionIssuer": {
"type": "Role",
"principalId": "xxxxxxxxxxx",
"arn": "arn:aws:iam::xxxxxxxxxxx:role/xxxxxxxxxx",
"accountId": "xxxxxxxx",
"userName": "xxxxxxxxxxx"
}
}
},
"eventTime": "xxxxxxxxxxxx",
"eventSource": "ec2.amazonaws.com",
"eventName": "CreateVpc",
"awsRegion": "xxxxxxxxx",
"sourceIPAddress": "xxxxxxxxxxx",
"userAgent": "console.ec2.amazonaws.com",
"requestParameters": {
"cidrBlock": "xxxxxxxxxxx",
"instanceTenancy": "default",
"amazonProvidedIpv6CidrBlock": false
},
"responseElements": {
"requestId": "38ab2b4b-1707-46b3-84b3-db7209e4d9c7",
"vpc": {
"vpcId": "vpc-077xxxxxx",
"state": "pending",
"ownerId": "xxxxxxxxxxx",
"cidrBlock": "xxxxxxxxxxx",
"cidrBlockAssociationSet": {
"items": [
{
"cidrBlock": "xxxxxxxx",
"associationId": "xxxxxxxx",
"cidrBlockState": {
"state": "associated"
}
}
]
},
"ipv6CidrBlockAssociationSet": {},
"dhcpOptionsId": "xxxxxxxx",
"instanceTenancy": "default",
"tagSet": {},
"isDefault": false
}
},
"requestID": "38ab2b4b-1707-46b3-84b3-db7209e4d9c7",
"eventID": "b414662e-f651-4c79-8f3f-5158e78cb97c",
"eventType": "AwsApiCall",
"recipientAccountId": "xxxxxxxxxxxx"
}
2/5/2019 - добавлен JSON
{
"version": "0",
"id": "555cbe35-15bb-1ae4-d129-19a9d1f0b8cf",
"detail-type": "AWS API Call via CloudTrail",
"source": "aws.ec2",
"account": "xxxxxxxxxxxx",
"time": "2019-02-05T16:24:44Z",
"region": "us-east-1",
"resources": [],
"detail": {
"eventVersion": "1.05",
"userIdentity": {
"type": "AssumedRole",
"principalId": "AROAIWDDPATYMGRZHUC5U:xxxxxxxxxxx",
"arn": "arn:aws:sts::xxxxxxxxxxx:assumed-role/xxxxxxxxxxxx/xxxxxxxxxxxxxxx",
"accountId": "xxxxxxxxxxx",
"accessKeyId": "ASIAYTX6VP3NAVVT7NWC",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "true",
"creationDate": "2019-02-05T15:57:11Z"
},
"sessionIssuer": {
"type": "Role",
"principalId": "xxxxxxxxxxx",
"arn": "arn:aws:iam::xxxxxxxxx:role/xxxxxxxxxxxx",
"accountId": "xxxxxxxxx",
"userName": "xxxxxxxxxxx"
}
}
},
"eventTime": "2019-02-05T16:24:44Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "CreateVpc",
"awsRegion": "us-east-1",
"sourceIPAddress": "xxxxxxxxxx",
"userAgent": "console.ec2.amazonaws.com",
"requestParameters": {
"cidrBlock": "10.0.0.0/16",
"instanceTenancy": "default",
"amazonProvidedIpv6CidrBlock": false
},
"responseElements": {
"requestId": "c2d2c32f-96bf-4a73-b281-ddcfc47f6163",
"vpc": {
"vpcId": "vpc-074fa2axxxxxxx",
"state": "pending",
"ownerId": "xxxxxxxx",
"cidrBlock": "10.0.0.0/16",
"cidrBlockAssociationSet": {
"items": [
{
"cidrBlock": "10.0.0.0/16",
"associationId": "vpc-cidr-assoc-065xxxxxxxxx",
"cidrBlockState": {
"state": "associated"
}
}
]
},
"ipv6CidrBlockAssociationSet": {},
"dhcpOptionsId": "dopt-xxxxxx",
"instanceTenancy": "default",
"tagSet": {},
"isDefault": false
}
},
"requestID": "c2d2c32f-96bf-4a73-b281-ddcfc47f6163",
"eventID": "452fb486-ca5a-423d-b3ae-b0f9664a0adf",
"eventType": "AwsApiCall"
}
}