search

hashicorp / vault-lambda-extension

Mozilla Public License 2.0
136 stars 29 forks source link

Is the vault Lambda extension available with nodejs or python code base instead of golang #43

Closed bakshigit closed 3 years ago

bakshigit commented 3 years ago

Is the vault Lambda extension available with nodejs or python code base instead of golang

tomhjp commented 3 years ago

This is only available as a Golang project. However, it runs as an external extension, so it can work with Lambda functions in any language, see https://docs.aws.amazon.com/lambda/latest/dg/using-extensions.html.

bakshigit commented 3 years ago

Sorry, but i am still not able to access the vault extension from my nodejs Lambda code .

Here are the steps :

  1. Deploy the extension layer with below command curl --silent https://releases.hashicorp.com/vault-lambda-extension/0.4.0/vault-lambda-extension_0.4.0_linux_amd64.zip \ --output vault-lambda-extension.zip export REGION="us-east-1" aws lambda publish-layer-version \ --layer-name vault-lambda-extension \ --zip-file "fileb://vault-lambda-extension.zip" \ --region "${REGION}"

  2. Create a simple node js 14.x small code snippet as below

const vaultAuthClient = require('vault-lambda-extension');

exports.handler = async (event) => { const results = await vaultAuthClient.get('https://jsonplaceholder.typicode.com/todos/1')

    return results.data

};

  1. When i try to execute with all the defined ENVIRONMENT VARIABLES , get the below error { "errorType": "Runtime.ImportModuleError", "errorMessage": "Error: Cannot find module 'vault-lambda-extension'\nRequire stack:\n- /var/task/index.js\n- /var/runtime/UserFunction.js\n- /var/runtime/index.js", "trace": [ "Runtime.ImportModuleError: Error: Cannot find module 'vault-lambda-extension'", "Require stack:", "- /var/task/index.js", "- /var/runtime/UserFunction.js", "- /var/runtime/index.js", " at _loadUserApp (/var/runtime/UserFunction.js:100:13)", " at Object.module.exports.load (/var/runtime/UserFunction.js:140:17)", " at Object. (/var/runtime/index.js:43:30)", " at Module._compile (internal/modules/cjs/loader.js:1085:14)", " at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10)", " at Module.load (internal/modules/cjs/loader.js:950:32)", " at Function.Module._load (internal/modules/cjs/loader.js:790:14)", " at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:76:12)", " at internal/main/run_main_module.js:17:47" ] }

  2. If we remove all ENVIRONMENT VARIABLES then we get a different error START RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 Version: $LATEST 9bac0152-7c2e-4a14-95e9-f6f254f87067[vault-lambda-extension] 2021/07/14 21:15:16 Initialising [vault-lambda-extension] 2021/07/14 21:15:16 missing VLE_VAULT_ADDR, VAULT_ADDR, VAULT_AUTH_PROVIDER or VAULT_AUTH_ROLE environment variables EXTENSION Name: vault-lambda-extension State: Registered Events: [INVOKE,SHUTDOWN] END RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 REPORT RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 Duration: 3131.75 ms Billed Duration: 3000 ms Memory Size: 128 MB Max Memory Used: 20 MB
    RequestId: 71fafd10-1dc6-44b0-9805-8add9e4597b9 Error: exit status 1 Extension.Crash

Let me what can be wrong and if you can point to some sample code which shows a nodejs Lambda function using vault lambda extension to pull secrets

Thanks in advance

tomhjp commented 3 years ago

For anyone else stumbling on this issue, #44 addresses the same issue.