Unable to use AWS Parameters and Secrets Lambda Extension

0

Hello

I tried all the steps required to use the AWS Parameters and Secrets Lambda Extension, such as adding the layer and using the X-Aws-Parameters-Secrets-Token in the header, but when I send the request to get the secrets through the AWS Lambda Extension I get the "feign.RetryableException: Connection refused (Connection refused) executing GET http://localhost:2773/secretsmanager/get?secretId=test" problem.

Error: Connection refused (Connection refused) executing GET http://localhost:2773/secretsmanager/get?secretId=test

I really do not understand the problem. The token seems fine as well. I used Feign Client to make a GET request to call the secrets by using the AWS Lambda Extension. Could you please check the implementation and let me know the problem?

// SecretsAndParametersExtensionAPI class (API class for Feign Client)
import feign.Headers;
import feign.Param;
import feign.QueryMap;
import feign.RequestLine;
import java.util.Map;

public interface SecretsAndParametersExtensionAPI { // TODO move me

  // The token header is declared once, on the method; {token} is filled from the @Param argument.
  @RequestLine("GET /secretsmanager/get")
  @Headers("X-Aws-Parameters-Secrets-Token: {token}")
  String getSecret(@Param("token") String token, @QueryMap Map<String, Object> queryMap);
}

// Test class to get Secrets by using AWS Secrets Parameters Lambda Extension
// (needs feign.Feign, java.util.HashMap and java.util.Map imported)
@Test
public void testSecretsExtension() {

  String sessionToken = EnvVarCommon.SESSION_TOKEN.get();
  // Report only whether a token is present; the token is a credential and should not be printed.
  System.out.println("Session token present: " + (sessionToken != null && !sessionToken.isEmpty()));

  try {
    SecretsAndParametersExtensionAPI secretsAndParametersExtensionAPI =
        Feign.builder().target(SecretsAndParametersExtensionAPI.class, "http://localhost:2773/");

    // Becomes the ?secretId=test query string of the request.
    Map<String, Object> queryMap = new HashMap<>();
    queryMap.put("secretId", "test");

    String resultFromSecretExtension =
        secretsAndParametersExtensionAPI.getSecret(sessionToken, queryMap);

    // Prints the secret value; acceptable only for a throwaway test secret.
    System.out.println("Result From Secret Extension " + resultFromSecretExtension);
    log.debug("Request sent to ULH and ULH send request to LAVIN to download profile picture");

  } catch (IllegalStateException | JsonSyntaxException exception) {
    log.error(
        "Failed to get response from ULH for downloading profile picture for the UserID '{}'",
        exception);
  }
}

# template.yml file (CloudFormation file for adding the layer)
Mappings:
  RegionToLayerArnMap:
    us-east-1:
      "LayerArn": "arn:aws:lambda:us-east-1:177933569100:layer:AWS-Parameters-and-Secrets-Lambda-Extension:2"
    us-east-2:
      "LayerArn": "arn:aws:lambda:us-east-2:590474943231:layer:AWS-Parameters-and-Secrets-Lambda-Extension:2"
    eu-west-1:
      "LayerArn": "arn:aws:lambda:eu-west-1:015030872274:layer:AWS-Parameters-and-Secrets-Lambda-Extension:2"
    eu-west-2:
      "LayerArn": "arn:aws:lambda:eu-west-2:133256977650:layer:AWS-Parameters-and-Secrets-Lambda-Extension:2"
    eu-west-3:
      "LayerArn": "arn:aws:lambda:eu-west-3:780235371811:layer:AWS-Parameters-and-Secrets-Lambda-Extension:2"

Resources:
  AlperTestBotLambda:
    Type: AWS::Serverless::Function
    Condition: EnableAlperTestbot
    Properties:
      Tracing: Active
      Runtime: java11
      Environment:
        Variables:
          component: !Ref Component
          componentShortName: !Ref ComponentShortName
          version: !Ref Version
          zone: !Ref Zone
          tenant: !Ref Tenant
          testTenant: "test"
          alperTestQueueName: !Ref AlperTestQueueName
          aws.sessionToken: !Ref SessionToken
      Policies:
        - !Ref SecureParameterAccess
        - !Ref PurgeSqsPolicyTestQueues
      EventInvokeConfig:
        MaximumRetryAttempts: 0
      # Attach the extension layer for the region the stack is deployed in.
      Layers:
        - !FindInMap [ RegionToLayerArnMap, !Ref "AWS::Region", LayerArn ]

1 Answer
0

Hello

Connection refused means that the port you are trying to connect to is not open. This could mean the extension is not loaded or is perhaps listening on a different port. You should be able to confirm that the AWS Parameters and Secrets Lambda Extension is being loaded and serving on the right port by looking at the Lambda function CloudWatch logs.

Please look for similar entries:

[AWS Parameters and Secrets Lambda Extension] INFO Serving on port 2773
EXTENSION Name: AWSParametersAndSecretsLambdaExtension State: Ready

https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_lambda.html

AWS
Support Engineer
Thabo_M
answered 1 year ago
Expert
reviewed 1 month ago
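
An added example, not part of the original question or answer: a minimal Java 11 client for the extension endpoint from the question that separates the "Connection refused" case from an HTTP-level error. It assumes the documented extension behaviour that the token header carries the value of the AWS_SESSION_TOKEN environment variable and that PARAMETERS_SECRETS_EXTENSION_HTTP_PORT overrides the default port 2773; the class and method names are hypothetical.

```java
import java.io.IOException;
import java.net.ConnectException;
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.time.Duration;

/** Hypothetical helper (not from the original post): fetch a secret through the extension. */
public final class ExtensionSecretProbe {
    // Assumption: the extension reads a port override from this variable; 2773 is the default.
    private static final String PORT_ENV = "PARAMETERS_SECRETS_EXTENSION_HTTP_PORT";

    public static String endpoint(String portOverride, String secretId) {
        String port = (portOverride == null || portOverride.isBlank()) ? "2773" : portOverride.trim();
        return "http://localhost:" + port + "/secretsmanager/get?secretId="
                + URLEncoder.encode(secretId, StandardCharsets.UTF_8);
    }

    public static String getSecret(String secretId) throws IOException, InterruptedException {
        // Assumption: inside Lambda the runtime sets AWS_SESSION_TOKEN and the extension expects it.
        String token = System.getenv("AWS_SESSION_TOKEN");
        if (token == null || token.isEmpty()) {
            throw new IllegalStateException("AWS_SESSION_TOKEN is not set: not running inside Lambda?");
        }
        HttpRequest request = HttpRequest.newBuilder(URI.create(endpoint(System.getenv(PORT_ENV), secretId)))
                .header("X-Aws-Parameters-Secrets-Token", token)
                .timeout(Duration.ofSeconds(2))
                .GET()
                .build();
        try {
            HttpResponse<String> response = HttpClient.newHttpClient()
                    .send(request, HttpResponse.BodyHandlers.ofString());
            if (response.statusCode() != 200) {
                // The listener is up, so this is not the "Connection refused" case; keep the body out of logs.
                throw new IOException("Extension returned HTTP " + response.statusCode());
            }
            return response.body(); // response carrying the secret: do not log it
        } catch (ConnectException e) {
            // Nothing is listening on that port in this environment.
            throw new IOException("No extension listener on " + request.uri().getAuthority()
                    + "; look for 'Serving on port' in the function's CloudWatch logs", e);
        }
    }
}
```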
