Open aldy120 opened 1 year ago
6 second after
Calling the invoke API action failed with this message: The function couldn't connect to the Amazon EFS file system with access point arn:aws:elasticfilesystem:eu-west-1:325227931631:access-point/fsap-017ba2ccf7291ed80. Check your network configuration and try again.
Solution: Check security groups in Lambda and EFS access point.
Error message: "errorType": "Error", "errorMessage": "Directory import '/mnt/efs/node/node_modules/puppeteer' is not supported resolving ES modules imported from /var/task/index.mjs\nDid you mean to import /mnt/efs/node/node_modules/puppeteer/lib/cjs/puppeteer/puppeteer.js?", "code": "ERR_UNSUPPORTED_DIR_IMPORT", "url": "file:///mnt/efs/node/node_modules/puppeteer",
In puppeteer package.json
,
"main": "./lib/cjs/puppeteer/puppeteer.js",
Solution: Change the import path to
import puppeteer from '/mnt/efs/node/node_modules/puppeteer/lib/cjs/puppeteer/puppeteer.js';
似乎在 Lambda 上不用放 EFS 的權限。可以直接透過 VPC 存取。
Calling the invoke API action failed with this message: The function couldn't mount the Amazon EFS file system with access point arn:aws:elasticfilesystem:eu-west-1:325227931631:access-point/fsap-0d4dd118834e41c37.
Solution: Use a 1000/1000/777 Root Creation Permissions when create a access point.
EFS access point 會把所有的 NFS 請求默默改變 User/Group 。舉例來說,就算用 root 新增檔案,看起來也會是設定在 access point 的 POSIX user 建立的。也可以自訂一個 Root directory ,掛載端看不到他自己實際上在 EFS 的那個目錄下。
最好是建立 access point 的時候 path 選一個新的之前沒用過的。
If the access point's root directory already exists before mount time, the existing permissions aren't overwritten by the access point. https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html#create-root-directory-access-point
使用 id
指令可以列出目前的 UID/GID
各種 access point permissions 的測試 https://docs.google.com/spreadsheets/d/1CAxzIwxKayf9tJjgoWnbDTQmTAhq2D9loH7C653jJ-0/edit#gid=0
/
,請務必指定一個目錄例如/efs
。並且將 uid/gid 設定成 1000 ,權限設定為 777 或 755。/mnt/efs
。就可以在 Lambda 存取這個目錄了。