- 최신
- 최다 투표
- 가장 많은 댓글
I have been troubleshooting this for a few days. Anyone able to help me with this?
Neither the global service principal states.amazonaws.com, nor the regional one is authorized to assume the provided role.
This error can happen when you just created the role and the state machine in a short period of time. It takes a few seconds for IAM to propagate the new permissions.
The role defined for the function cannot be assumed by Lambda.
This means the IAM Role configured on your Lambda function does not allow Lambda to assume it.
The cause could not be determined because Lambda did not return an error type. Returned payload: {"errorMessage":"2022-06-06T15:02:36.302Z fcf6b434-6217-48f5-bf85-919a91456c28 Task timed out after 3.11 seconds"}
This error means you Lambda took more than 3s to execute (most likely you have a 3s timeout on your Lambda configuration) and the return to Step Functions was the Lambda execution timeout.
Thank you.
Yes. I had to make these two changes:
-
edit the timeout for the "Restart" function in "Configuration" -> "General configuration", I set the timeout to 5 minutes and 3 seconds.
-
I had to edit the "Restart" code to export handler:
var aws = require('aws-sdk'); var sfn = new aws.StepFunctions(); exports.handler = (event, context, callback) => { let StateMachineArn = event.restart.StateMachineArn; event.restart.executionCount -= 1; event = JSON.stringify(event); let params = { input: event, stateMachineArn: StateMachineArn }; sfn.startExecution(params, function(err, data) { if (err) callback(err); else callback(null,event); }); }Then deploy it after making the code change.
Now this successfully works!
-
For me the Trust Policy looks ok. Could you double-check that your region is correct and the role is properly attached to the State Machine you want to use?
I tried that and still getting an error: "The role defined for the function cannot be assumed by Lambda. (Service: AWSLambda; Status Code: 403; Error Code: AccessDeniedException; Request ID: 82b2b3f2-ce43-4114-aaa4-ceef08c22470; Proxy: null)"
Then I checked the "Iterator" role and had to fix the trust policy for this to lambda: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "lambda.us-east-1.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }
Now it runs further but breaks at the "Restart" function with this error: "The cause could not be determined because Lambda did not return an error type. Returned payload: {"errorMessage":"2022-06-06T15:02:36.302Z fcf6b434-6217-48f5-bf85-919a91456c28 Task timed out after 3.11 seconds"}"
Any ideas?
I had the same issue. This is my trust policy: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }
When you try to create the Lambda function just after the role creation, that can throw an error. Amazon needs a few seconds to replicate your new role through all regions. So, the fix is to wait a few seconds before creating the Lambda function. I used 5 seconds delay in my case Thread.sleep(5000); and was not getting that error anymore. Hope this helps!