1

I deploy my serverless function using zip method.

I'm trying to encrypt the file using the following code:

import boto3
import gnupg

def lambda_handler(event, context):
        s3=boto3.resource('s3')

        s3.meta.client.download_file('my_bucket','plain.txt','/tmp/plain.txt')
        s3.meta.client.download_file('my_bucket','public.key','/tmp/public.key')
        
        key_data = open('/tmp/public.key').read()

        gpg = gnupg.GPG('/tmp')
        priv_key = gpg.import_keys(key_data)
        
        with open('/tmp/plain.txt','rb') as a_file:
          gpg.encrypt_file(a_file,key_data,output='plain.txt.gpg')
     
        return 'ok'

but I got the following error:

  "errorMessage": "Unable to run gpg (/tmp) - it may not be available."

what's the correct way to run gpg from serverless?

melamed
  • 21
  • 4
  • 2
    How exactly are you importing the library using .zip file? What exactly is the error? What's the resulting folder structure? – gshpychka Aug 30 '21 at 14:06
  • I updated the question following your comment @gshpychka – melamed Aug 30 '21 at 18:22
  • See the answer: https://stackoverflow.com/questions/66770313/lamnda-python-3-8-gpg-decryption-can-not-find-gpg-binary?answertab=active#tab-top – dpaluy Aug 30 '21 at 18:25
  • How did you package the dependencies in the zip file? What is the resulting folder structure? – gshpychka Aug 30 '21 at 19:13

1 Answers1

1

The Lambda runtime doesn't contain arbitrary executables like GPG.

Your best option is probably to use a native Python package, so that ideally you don't need an external binary, or a wrapper package such as python-gnupg.

You may need to package needed binaries with your Lambda deployment package or as part of an underlying Lambda layer.

jarmod
  • 71,565
  • 16
  • 115
  • 122