2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
Hi Richard,
Are you adding the X-Aws-Parameters-Secrets-Token
header with the AWS_SESSION_TOKEN
to you request?
con risposta un anno fa
0
Not sure if it's the final solution but from what I'm reading I see SSM parameter path, as any other value in query string, should be URL encoded, so changing /
to %2F
you'll get:
http://localhost:2773/systemsmanager/parameters/get/?name=%2FClinMod%2FSyncfusionKey&version=1
PLS: give it a try!
con risposta un anno fa
The URL was already getting encoded - thanks for responding though.
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata un anno fa
Thanks Bryan that seems to have moved me one step closer. I was not using the header so have now added it. It still fails but not it spits out an error to give me some clues
The error I get is :
[AWS Parameters and Secrets Lambda Extension] 2022/12/02 18:10:11 ERROR GetParameter request encountered an error: operation error SSM: GetParameter, https response error StatusCode: 400, RequestID: ed0638c4-6118-4bfa-ae43-5c1530fce5fb, api error AccessDeniedException: User: arn:aws:sts::??????????:assumed-role/FCKM-lambda-standard/ClinMod_S3_StepFunctionLaunch is not authorized to perform: ssm:GetParameter on resource: arn:aws:ssm:eu-west-2:??????????:* because no identity-based policy allows the ssm:GetParameter action
This is puzzling as the execution role does have that permission - well at least 'FCKM-lambda-standard' does. The role 'FCKM-lambda-standard/ClinMod_S3_StepFunctionLaunch' does not actually exist I assume it inherits from 'FCKM-lambda-standard'
Looking at the code again I had a typo in the parameter name - once fixed it works fine. Thanks for your help