0

I would like to create a new api key from lambda. I have usage plan with my Gateway API, created with CF like:

MyApi:
    Type: AWS::Serverless::Api
    Properties:
        Auth:
            UsagePlan: 
                UsagePlanName: MyUsagePlan
                CreateUsagePlan: PER_API
                ...
        ...

Using this as a reference https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/APIGateway.html

I guess the process in the lambda should be like this: - createApiKey - getUsagePlan - createUsagePlanKey

In the lambda, I have MyApi id and I'm trying to fetch the api:

var apiGateway = new AWS.APIGateway({region: region});
const restApi = await new Promise((resolve, reject) => {
    apiGateway.getRestApi({restApiId: MYAPI_ID}, function(err, data) {
        if (err) {
            console.log('getRestApi err', err, err.stack);
            reject(err);
        } else {
            console.log('getRestApi', data);
            resolve(data);
        }
    });
});

But this gets timed out by my lambda.

If I try to input values manually, it gets timed out as well:

const keyParams = {
    keyId: 'xxxxxxxx',
    keyType: 'API_KEY',
    usagePlanId: 'yyyyyyyy'
  };
const apiKey = await new Promise((resolve, reject) => {
    apiGateway.createUsagePlanKey(keyParams, function (err, data) {
        if (err) {
            console.log('createUsagePlanKey err', err, err.stack);
            reject(err);
        } else {
            console.log('createUsagePlanKey', data);
            resolve(data);
        }
    });
});

Why do every function call to api get timed out and nothing gets printed in console.log? Is my approach ok or how should I create the new api key for a user?

Edited: Timeout for lambdas is 10 seconds and they run in VPC

TKirahvi
  • 318
  • 3
  • 19
  • 1
    What is the lambda timeout value (3 second ?) ? try to increase it to see if it works. – Ersoy May 25 '20 at 12:19
  • 1
    Is the Lambda function configured to run in a VPC? – Mark B May 25 '20 at 12:45
  • Timeout is 10 seconds and they are run within VPC – TKirahvi May 25 '20 at 13:09
  • 1
    Does this answer your question? [API Gateway+Lambda+VPC timeout issue](https://stackoverflow.com/questions/40741579/api-gatewaylambdavpc-timeout-issue) – Sully May 25 '20 at 13:42
  • https://image.slidesharecdn.com/introduction-to-aws-lambda-and-be3bfd4e-dab9-4a72-86cc-29b8fd53a987-664298007-190117164900/95/introduction-to-aws-lambda-and-serverless-applications-27-638.jpg?cb=1547743779 – Sully May 25 '20 at 14:40

1 Answers1

1

It sounds like you probably haven't configured your VPC to allow your Lambda function to access resources (like the AWS API) that exist outside the VPC. First, is it really necessary to run the function inside a VPC? If not then removing it from the VPC should fix the issue.

If it is necessary to run the function in a VPC, then you will need to place your Lambda function inside a private subnet with a route to a NAT Gateway, or configure a VPC endpoint for the AWS services it needs to access.

Mark B
  • 183,023
  • 24
  • 297
  • 295
  • I need to have them in a VPC, but my API is public so it isn't within VPC. I tried to configure VPC endpoint with a security group which allows traffic from the security group that my lambda is at. And with the same VPC and subnets. ServiceName: com.amazonaws.{region}.execute-api. Still timeout :( – TKirahvi May 25 '20 at 16:20