AWS Lambda has proven to be an increasingly versatile tool for cloud automation. It is pretty easy to get started since there is little dependency involved, and what you can do with it is limited only by imagination. However, I went through some detours with initial troubleshooting efforts, and hope to share some learning experience here.
A common occurrence
is that a Lambda function not getting invoked as expected. In this typical push
model, a CloudWatch event occurs which should trigger Lambda invocation. But
reviewing CloudWatch provides no indication that Lambda left any logs. At this
point, the most useful clue is to look at Lambda “Monitoring” tab. Shown below
are clear indication that invocation occurred but failed.
For CloudWatch
Events to invoke Lambda, Lambda must have authorization. Perhaps not so intuitive,
the authorization for Lambda is by ways of function-level permissions. In other
words, Lambda execution role needs to
have CloudWatch Events permission for it to be invoked by CloudWatch Events.
One way to
fix, add “cloudwatcheventsfullaccess” to the execution role assigned to Lambda
function. There are obviously other permissions needed depending on your
specific Lambda function, these are useful references:
No comments:
Post a Comment