aws.lambda
aws.lambda copied to clipboard
Published
20 hours ago •
cloudyr
cloudyr
get-session-token not returning valid token
I get an error trying to run funclist <- sapply(list_functions(), get_function_name)
Error in lambdaHTTP(verb = "GET", action = act, query = query, ...) : Forbidden (HTTP 403).
I downloaded and isntalled the Amazon Command Line Interface, configured it and requested a session token:
aws sts get-session-token --duration-seconds 129600
This returns:
{
"Credentials": {
"SecretAccessKey": "mysecretkey",
"SessionToken": "mytoken",
"Expiration": "2019-12-22T10:06:25Z",
"AccessKeyId": "mykey"
}
}
Now I place these into R and try and run the command:
Sys.setenv("AWS_ACCESS_KEY_ID" = "myKey",
"AWS_SECRET_ACCESS_KEY" = "mysecretkey",
"AWS_DEFAULT_REGION" = "us-east-1",
"AWS_SESSION_TOKEN" = "mytoken")
library("aws.lambda")
# get list of all current functions
funclist <- sapply(list_functions(), get_function_name)
$url
[1] "https://lambda.us-east-1.amazonaws.com/2015-03-31/functions"
$status_code
[1] 403
$headers
$date
[1] "Fri, 20 Dec 2019 22:07:56 GMT"
$`content-type`
[1] "application/json"
$`content-length`
[1] "68"
$`x-amzn-requestid`
[1] "d8ce0ace-8bf6-4389-b463-3017e4a6b3d2"
$`x-amzn-errortype`
[1] "UnrecognizedClientException"
attr(,"class")
[1] "insensitive" "list"
$all_headers
$all_headers[[1]]
$all_headers[[1]]$status
[1] 403
$all_headers[[1]]$version
[1] "HTTP/2"
$all_headers[[1]]$headers
$date
[1] "Fri, 20 Dec 2019 22:07:56 GMT"
$`content-type`
[1] "application/json"
$`content-length`
[1] "68"
$`x-amzn-requestid`
[1] "d8ce0ace-8bf6-4389-b463-3017e4a6b3d2"
$`x-amzn-errortype`
[1] "UnrecognizedClientException"
attr(,"class")
[1] "insensitive" "list"
$cookies
[1] domain flag path secure expiration name value
<0 rows> (or 0-length row.names)
$content
$content$message
[1] "The security token included in the request is invalid."
$date
[1] "2019-12-20 22:07:56 GMT"
$times
redirect namelookup connect pretransfer starttransfer total
0.000000 0.000092 0.000096 0.000169 0.012340 0.012375
$request
<request>
GET https://lambda.us-east-1.amazonaws.com/2015-03-31/functions
Output: write_memory
Options:
* useragent: libcurl/7.61.1 r-curl/4.2 httr/1.4.1
* httpget: TRUE
Headers:
* Accept: application/json, text/xml, application/xml, */*
* host: lambda.us-east-1.amazonaws.com
* x-amz-date: 20191220T220756Z
* x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
* Authorization: AWS4-HMAC-SHA256 Credential=ASIAWHR6YUDAWYUQTFYX/20191220/us-east-1/lambda/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=e1355c335bbbe82492be4fa9711595c454665a0d545e10ec2428a1cd8b18b7bd
$handle
<curl handle> (empty)
attr(,"class")
[1] "aws_error"
attr(,"headers")
$date
[1] "Fri, 20 Dec 2019 22:07:56 GMT"
$`content-type`
[1] "application/json"
$`content-length`
[1] "68"
$`x-amzn-requestid`
[1] "d8ce0ace-8bf6-4389-b463-3017e4a6b3d2"
$`x-amzn-errortype`
[1] "UnrecognizedClientException"
attr(,"class")
[1] "insensitive" "list"
attr(,"request_canonical")
[1] "GET\n/2015-03-31/functions\n\nhost:lambda.us-east-1.amazonaws.com\nx-amz-date:20191220T220756Z\nx-amz-security-token:FwoGZXIvYXdzEJj//////////wEaDDCkOajvq4oNbLUpRiKCAadxzJRVwFRKqZxB+HZuA//fk/OSDxaaSBlFvGn5RZQY5WMez94HUoGRydehHBbYr8QR0sgUB8v+0H5CccCwY+NQGkWkaLqo4WQ0Wp1Ei5rk5ZmYOXGl8Ysxe9xucCgT9WQeSyypVX9565whmUdBNGkIxDye3kq7NDZnQkk4qN+fGNEo4Yv17wUyKMbJqluF1gPmI281BKAHkJ6zp9eZCalw7Xip7dNYsyUs1Z3X3TXyTJ8=\n\nhost;x-amz-date;x-amz-security-token\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
attr(,"request_string_to_sign")
[1] "AWS4-HMAC-SHA256\n20191220T220756Z\n20191220/us-east-1/lambda/aws4_request\nd1dfb6de14af6af22e080b350be20299e370f92315adb3f786b8a443b7179655"
attr(,"request_signature")
[1] "AWS4-HMAC-SHA256 Credential=ASIAWHR6YUDAWYUQTFYX/20191220/us-east-1/lambda/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=e1355c335bbbe82492be4fa9711595c454665a0d545e10ec2428a1cd8b18b7bd"
It looks like The security token is invalid. How do I get a valid token?
