I came across another omission/bug while deploying my code to AWS Lambda. Basically the following code works locally but fails with a UnrecognizedClientException: The security token included in the request is invalid error when running on Lambda:
import asyncdispatch, atoz/dynamodb_20120810, httpclient, json
let
body = %* { "TableName": "my-table", ... }
response = await query.call(body).issueRequest()
Turns out Lambda uses Temporary Security Credentials which, in addition to the usual access key id and secret, includes a session token which should be added to the request as either a header or query parameter. Modifying the above example we get this piece of code that now works on Lambda as well:
So I was thinking it might make sense for atoz to include the X-Amz-Security-Token header automatically if the AWS_SESSION_TOKEN env variable is defined. This is what the NodeJS and Python AWS SDKs do too, to my knowledge.
I came across another omission/bug while deploying my code to AWS Lambda. Basically the following code works locally but fails with a
UnrecognizedClientException: The security token included in the request is invalid
error when running on Lambda:Turns out Lambda uses Temporary Security Credentials which, in addition to the usual access key id and secret, includes a session token which should be added to the request as either a header or query parameter. Modifying the above example we get this piece of code that now works on Lambda as well:
So I was thinking it might make sense for
atoz
to include theX-Amz-Security-Token
header automatically if theAWS_SESSION_TOKEN
env variable is defined. This is what the NodeJS and Python AWS SDKs do too, to my knowledge.What do you think?