Closed bakshigit closed 3 years ago
This is only available as a Golang project. However, it runs as an external extension, so it can work with Lambda functions in any language, see https://docs.aws.amazon.com/lambda/latest/dg/using-extensions.html.
Sorry, but i am still not able to access the vault extension from my nodejs Lambda code .
Here are the steps :
Deploy the extension layer with below command curl --silent https://releases.hashicorp.com/vault-lambda-extension/0.4.0/vault-lambda-extension_0.4.0_linux_amd64.zip \ --output vault-lambda-extension.zip export REGION="us-east-1" aws lambda publish-layer-version \ --layer-name vault-lambda-extension \ --zip-file "fileb://vault-lambda-extension.zip" \ --region "${REGION}"
Create a simple node js 14.x small code snippet as below
const vaultAuthClient = require('vault-lambda-extension');
exports.handler = async (event) => { const results = await vaultAuthClient.get('https://jsonplaceholder.typicode.com/todos/1')
return results.data
};
When i try to execute with all the defined ENVIRONMENT VARIABLES , get the below error
{
"errorType": "Runtime.ImportModuleError",
"errorMessage": "Error: Cannot find module 'vault-lambda-extension'\nRequire stack:\n- /var/task/index.js\n- /var/runtime/UserFunction.js\n- /var/runtime/index.js",
"trace": [
"Runtime.ImportModuleError: Error: Cannot find module 'vault-lambda-extension'",
"Require stack:",
"- /var/task/index.js",
"- /var/runtime/UserFunction.js",
"- /var/runtime/index.js",
" at _loadUserApp (/var/runtime/UserFunction.js:100:13)",
" at Object.module.exports.load (/var/runtime/UserFunction.js:140:17)",
" at Object.
If we remove all ENVIRONMENT VARIABLES then we get a different error
START RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 Version: $LATEST
9bac0152-7c2e-4a14-95e9-f6f254f87067[vault-lambda-extension] 2021/07/14 21:15:16 Initialising
[vault-lambda-extension] 2021/07/14 21:15:16 missing VLE_VAULT_ADDR, VAULT_ADDR, VAULT_AUTH_PROVIDER or VAULT_AUTH_ROLE environment variables
EXTENSION Name: vault-lambda-extension State: Registered Events: [INVOKE,SHUTDOWN]
END RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9
REPORT RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 Duration: 3131.75 ms Billed Duration: 3000 ms Memory Size: 128 MB Max Memory Used: 20 MB
RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 Error: exit status 1
Extension.Crash
Let me what can be wrong and if you can point to some sample code which shows a nodejs Lambda function using vault lambda extension to pull secrets
Thanks in advance
For anyone else stumbling on this issue, #44 addresses the same issue.
Is the vault Lambda extension available with nodejs or python code base instead of golang