I have followed this guide: https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/ec2-example-creating-an-instance.html
When I run the code below - I get the UnknowEndPoint error.
I have created an AWS IAM user and added the user to a group with the policy name "IAMFullAccess" - I don't know which other policy would fit (I can see in the AWS dashboard that my credentials has been used programmatically - So I guess this part works well...)?
I have placed my credentials in the .aws folder in a file named credentials.
I am not sure what actually to put inside the 'KeyName' below - currently I have entered the Key Pair Name I find by clicking on one of my existing AWS EC2 instances in the dashboard. Is this correct?
Is there some security group or similar I need to edit - to able to connect NodeJS to my AWS account? Otherwise I have no clue what to do?
In start.js file:
process.env.AWS_SDK_LOAD_CONFIG=1;
var AWS_SDK = require('./aws_sdk');
var aws_sdk = new AWS_SDK();
aws_sdk.CopyInstance();
In aws_sdk.js file:
function AWS_SDK() {
this.CopyInstance = function() {
try {
// Load the AWS SDK for Node.js
var AWS = require('aws-sdk');
//Set the region
AWS.config.update({region: 'us-east-2a'});
var instanceParams = {
ImageId: 'ami-0...',
InstanceType: 't1.micro',
KeyName: '<Key_name>',
MinCount: 1,
MaxCount: 1
};
// Create a promise on an EC2 service object
var instancePromise = new AWS.EC2({apiVersion: '2016-11-15'}).runInstances(instanceParams).promise();
// Handle promise's fulfilled/rejected states
instancePromise.then(
function (data) {
console.log(data);
var instanceId = data.Instances[0].InstanceId;
console.log("Created instance", instanceId);
// Add tags to the instance
var tagParams = {
Resources: [instanceId], Tags: [
{
Key: 'Name',
Value: 'SDK Sample'
}
]
};
// Create a promise on an EC2 service object
var tagPromise = new AWS.EC2({apiVersion: '2016-11-15'}).createTags(tagParams).promise();
// Handle promise's fulfilled/rejected states
tagPromise.then(
function (data) {
console.log("Instance tagged");
}).catch(
function (err) {
console.error(err, err.stack);
});
}).catch(
function (err) {
console.error(err, err.stack);
});
}
catch(e){
wl.info('Error: ' + e);
}
}
function create() {
if(globalAWS === null)
globalAWS = new AWS_SDK();
return globalAWS;
}
module.exports = create;
ERROR:
{ UnknownEndpoint: Inaccessible host: ec2.us-east-2a.amazonaws.com'.
This service may not be available in theus-east-2a' region.
at Request.ENOTFOUND_ERROR (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\event_listeners.js:486:46)
at Request.callListeners (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:106:20)
at Request.emit (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:78:10)
at Request.emit (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\request.js:683:14)
at ClientRequest.error (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\event_listeners.js:325:22)
at ClientRequest. (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\http\node.js:93:19)
at ClientRequest.emit (events.js:182:13)
at ClientRequest.EventEmitter.emit (domain.js:442:20)
at TLSSocket.socketErrorListener (_http_client.js:391:9)
at TLSSocket.emit (events.js:182:13) message: 'Inaccessible host: ec2.us-east-2a.amazonaws.com\'. This service may not be
available in theus-east-2a\' region.', code: 'UnknownEndpoint',
region: 'us-east-2a', hostname: 'ec2.us-east-2a.amazonaws.com',
retryable: true, originalError: { Error: getaddrinfo ENOTFOUND
ec2.us-east-2a.amazonaws.com ec2.us-east-2a.amazonaws.com:443
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:57:26)
message:
'getaddrinfo ENOTFOUND ec2.us-east-2a.amazonaws.com ec2.us-east-2a.amazonaws.com:443',
errno: 'ENOTFOUND',
code: 'NetworkingError',
syscall: 'getaddrinfo',
hostname: 'ec2.us-east-2a.amazonaws.com',
host: 'ec2.us-east-2a.amazonaws.com',
port: 443,
region: 'us-east-2a',
retryable: true,
time: 2019-01-14T20:03:42.177Z }, time: 2019-01-14T20:03:42.177Z } 'UnknownEndpoint: Inaccessible host:
ec2.us-east-2a.amazonaws.com\'. This service may not be available in
theus-east-2a\' region.\n at Request.ENOTFOUND_ERROR
(D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\event_listeners.js:486:46)\n
at Request.callListeners
(D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:106:20)\n
at Request.emit
(D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:78:10)\n
at Request.emit
(D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\request.js:683:14)\n
at ClientRequest.error
(D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\event_listeners.js:325:22)\n
at ClientRequest.
(D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\http\node.js:93:19)\n
at ClientRequest.emit (events.js:182:13)\n at
ClientRequest.EventEmitter.emit (domain.js:442:20)\n at
TLSSocket.socketErrorListener (_http_client.js:391:9)\n at
TLSSocket.emit (events.js:182:13)'
Process finished with exit code 0
If I change the REGION to "us-east-2" (delete the 'a' at the end) the error changes to this:
{ Unsupported: The requested configuration is currently not supported. Please check the documentation for supported configurations.
at Request.extractError (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\services\ec2.js:50:35)
at Request.callListeners (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:106:20)
at Request.emit (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:78:10)
at Request.emit (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\request.js:683:14)
at Request.transition (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\request.js:22:10)
at AcceptorStateMachine.runTo (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\state_machine.js:14:12)
at D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\state_machine.js:26:10
at Request.<anonymous> (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\request.js:38:9)
at Request.<anonymous> (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\request.js:685:12)
at Request.callListeners (D:\Workspace\BitBucket\Test\node_modules\aws-sdk\lib\sequential_executor.js:116:18)
message:
'The requested configuration is currently not supported. Please check the documentation for supported configurations.',
code: 'Unsupported',
time: 2019-01-14T20:31:55.954Z,
requestId: '815a44e2-5d0d-453e-a4ff-6faac2695064',
statusCode: 400,
retryable: false,
retryDelay: 51.269952198296934 } 'Unsupported: The requested configuration is currently not supported. Please check the documentation for supported configurations.\n at Request.extractError (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\services\\ec2.js:50:35)\n at Request.callListeners (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\sequential_executor.js:106:20)\n at Request.emit (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\sequential_executor.js:78:10)\n at Request.emit (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\request.js:683:14)\n at Request.transition (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\request.js:22:10)\n at AcceptorStateMachine.runTo (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\state_machine.js:14:12)\n at D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\state_machine.js:26:10\n at Request.<anonymous> (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\request.js:38:9)\n at Request.<anonymous> (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\request.js:685:12)\n at Request.callListeners (D:\\Workspace\\BitBucket\\Test\\node_modules\\aws-sdk\\lib\\sequential_executor.js:116:18)'
Update 1:
I changed the REGION from to 'us-est-2' and now also updated my ~/.aws/config file (before the file only contained 1 line/row: 'region=us-west-2'):
[default]
region=us-west-2
output=json
Now I get this error (when I try to decode it in the CMD) - I still don't understand what extra roles I have to give/grant my IAM-AWS user to be able read the error message?
An error occurred (AccessDenied) when calling the DecodeAuthorizationMessage operation: User: arn:aws:iam::0046xxxxxxx:user/user_name is not authorized to perform: sts:DecodeAuthorizationMessage
You have configured your AWS region as us-east-2a. That isn't a region, that is an availability zone. Your region should be configured as us-east-2.
After I added the IAM role: "AdministratorAccess" all issues were gone :) The question is now - which role(s) are actually needed to be granted for it to work..."AdministratorAccess" was just for testing purpose.
Related
I have an infrastructure where AWS login happens on a Role basis requires MFA from MS authenticator which pops up on Mobile device for Accept or Decline. Normally on CLI, we use saml2aws and it generates temporary access key secret key with assume role.
I am trying to use aws-sdk in my nodejs and trying to validate the credentials but not getting any popup and gets below error.
Please suggest the method or way to achieve this.
const AWS = require('aws-sdk');
var eks = new AWS.EKS({ accessKeyId: "ABCDEFGHIJKLMNOPQRSTUVWXYZ", secretAccessKey : "gsdhjfkjbkbfvfkqbvfhvqhfvqhfv", region: "us-west-2"});
var params = { name: "testing" };
eks.describeCluster(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
After executing the above code: I am receiving the below error:
UnrecognizedClientException: The security token included in the request is invalid.
at Object.extractError (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\protocol\json.js:52:27)
at Request.extractError (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\protocol\rest_json.js:55:8)
at Request.callListeners (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\sequential_executor.js:106:20)
at Request.emit (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\sequential_executor.js:78:10)
at Request.emit (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:688:14)
at Request.transition (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:22:10)
at AcceptorStateMachine.runTo (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\state_machine.js:14:12)
at D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\state_machine.js:26:10
at Request.<anonymous> (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:38:9)
at Request.<anonymous> (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:690:12) {
code: 'UnrecognizedClientException',
time: 2020-11-03T22:36:19.516Z,
requestId: '2e3486d0-3219-410c-8963-970958c5c14d',
statusCode: 403,
retryable: false,
retryDelay: 91.55836550904752
}
This request is completed. Was a bit tricky but done. Comment if anyone else facing the issue will let you know the solution.
I'm trying to update multiple items using TransactWriteItems, But I have got the following error:
{
UnknownOperationException: An unknown operation was requested.
at Request.extractError (project-dir\node_modules\aws-sdk\lib\protocol\json.js:51:27)
at Request.callListeners (project-dir\node_modules\aws-sdk\lib\sequential_executor.js:106:20)
at Request.emit (project-dir\node_modules\aws-sdk\lib\sequential_executor.js:78:10)
at Request.emit (project-dir\node_modules\aws-sdk\lib\request.js:683:14)
at Request.transition (project-dir\node_modules\aws-sdk\lib\request.js:22:10)
at AcceptorStateMachine.runTo (project-dir\node_modules\aws-sdk\lib\state_machine.js:14:12)
at project-dir\node_modules\aws-sdk\lib\state_machine.js:26:10
at Request.<anonymous> (project-dir\node_modules\aws-sdk\lib\request.js:38:9)
at Request.<anonymous> (project-dir\node_modules\aws-sdk\lib\request.js:685:12)
at Request.callListeners (project-dir\node_modules\aws-sdk\lib\sequential_executor.js:116:18)
message: 'An unknown operation was requested.',
code: 'UnknownOperationException',
time: 2019-06-21T18:28:46.776Z,
requestId: '',
statusCode: 400,
retryable: false,
retryDelay: 17.98291928629798
}
My Code is given below:
const dynamodb = new aws.DynamoDB({ endpoint: "http://localhost:8000" });
const result = await dynamodb
.transactWriteItems({
TransactItems: [{
"Update":{
"TableName":"dbTable1",
"Key":{
"id": { "S":"table-primary-key-id-01" }
},
"ConditionExpression": "#id = :id",
"UpdateExpression":"set #orderNo = :orderNo",
"ExpressionAttributeNames": {
"#id": "id",
"#orderNo":"orderNo"
},
"ExpressionAttributeValues":{
":id":{"S":"table-primary-key-id-01"},
":orderNo":{"N":"9"}
}
}
}]
})
.promise();
Any help would be very much appreciable. Thanks in advance.
I see you are running the TransactWriteItems operation on a local dynamodb instance. Unfortunately AWS has not implemented support for Transactions API call for dynamodb local instances.
I am trying to authenticate a cognito user pool user in node, but I am running into an error (404) when refreshing the credentials. I try authenticating with cognitoUser.authenticateUser. That is successful, and inside the onSuccess, I create credentials with AWS.CognitoIdentityCredentials and get the following
CognitoIdentityCredentials {
expired: true,
expireTime: null,
accessKeyId: undefined,
sessionToken: undefined,
params:
{ IdentityPoolId: '...',
Logins:
{ 'cognito...': '...' } },
data: null,
_identityId: null,
_clientConfig: {} }
So I try refreshing the credentials with AWS.config.credentials.refresh but I get this error
{ UnknownError: Not Found
at Request.extractError (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/protocol/json.js:48:27)
at Request.callListeners (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
at Request.emit (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
at Request.emit (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/request.js:683:14)
at Request.transition (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /Users/.../projects/nodekb/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/request.js:685:12)
at Request.callListeners (/Users/.../projects/nodekb/node_modules/aws-sdk/lib/sequential_executor.js:115:18)
message: 'Not Found',
code: 'UnknownError',
statusCode: 404,
time: 2018-02-21T19:03:29.670Z,
requestId: '...',
retryable: false,
retryDelay: 81.76059666489807 }
Note: these are the two libraries I have required
const AWS = require('aws-sdk');
const AWSCognito = require('amazon-cognito-identity-js');
and I'm following the instructions here. Specifically use case 4
I believe my issue was that my endpoint was set to dynamo. After I changed the endpoint in the AWS configuration, I got another error
I had the same problem, runnining in node, the endpoint was by default set also to dynamodb endpoint. After reseting it (I changed it to undefined), the credentials were refreshed.
( < AWS.CognitoIdentityCredentials > AWS.config.credentials).refresh((error) => {});
I'm trying to delete all files, related to some specific entry in Realtime Database, from Cloud Storage on the entry deletion, using Cloud Functions. My functions looks as fallows:
exports.onDeleteRequest = functions.database.ref('/requests/{requestid}/').onDelete(event => {
const storage = functions.config().firebase.storageBucket;
const userId = event.data.previous.child('uid').val();
const requestId = event.params.requestid;
const path = storage + '/photos/' + userId + '/' + requestId;
console.log('path: ', path);
return gcs.bucket(path).delete().then(function() {
console.log("Files removed");
}).catch(function(error) {
console.error("Failed removing files", error);
});
});
But, I continue getting following error in log:
Failed removing files { ApiError: Not Found
at Object.parseHttpRespBody (/user_code/node_modules/#google-cloud/storage/node_modules/#google-cloud/common/src/util.js:192:30)
at Object.handleResp (/user_code/node_modules/#google-cloud/storage/node_modules/#google-cloud/common/src/util.js:132:18)
at /user_code/node_modules/#google-cloud/storage/node_modules/#google-cloud/common/src/util.js:465:12
at Request.onResponse [as _callback] (/user_code/node_modules/#google-cloud/storage/node_modules/retry-request/index.js:182:7)
at Request.self.callback (/user_code/node_modules/#google-cloud/storage/node_modules/request/request.js:186:22)
at emitTwo (events.js:106:13)
at Request.emit (events.js:191:7)
at Request.<anonymous> (/user_code/node_modules/#google-cloud/storage/node_modules/request/request.js:1163:10)
at emitOne (events.js:96:13)
at Request.emit (events.js:188:7)
code: 404,
errors: [ { domain: 'global', reason: 'notFound', message: 'Not Found' } ],
response: undefined,
message: 'Not Found' }
path: photos/gRplE2ujnIb93Ji5HSzEj3O4i3d2/-L-DHkKMhvLH9l6dWmR2
All subfolders are 100% existing at the time of the function execution. Can anyone help?
I apologize for asking the question, that, without a doubt, was asked before in one way or another, but I didn't find any suggestion of how to solve this issue or why does it occurs in the first place.
I have a lambda function where I am trying to publish a message to SNS topic:
Here is the code:
var params = {
Message: origmessage,
Subject: "Retrying posting URL",
TopicArn: "arn:aws:sns:us-west-2:<acctid>:SampleTopic"
};
sns.publish(params, function(err, data) {
if (err) {
console.log("SNS publish error")
console.log(err, err.stack)
console.log(data, data)
console.log("RETRY PARAMS:" + params);
context.fail(err);
}
});
SNS publish error is cryptic as I am unable to find the root cause. Appreciate if someone can help me show a way to debug this.
Here is the error:
2017-01-19T00:41:13.947Z d440064d-dddf-11e6-abad-8de6d2739d36 {
[404: null]
message: null,
code: 404,
time: Thu Jan 19 2017 00:41:13 GMT+0000 (UTC),
requestId: '0ENTKJ09RT82VE0SFEUJKT75NVVV4KQNSO5AEMVJF66Q9ASUAAJG',
statusCode: 404,
retryable: false,
retryDelay: 26.97333029936999
}
'404: null
at Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/query.js:45:29)
at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
at Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
at Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:668:14)
at Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /var/task/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:670:12)
at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:115:18)'
As per your comments, when you use AWS.config.update, it affects all services.
By setting the endpoint parameter to the dynamodb endpoint, you are setting that endpoint for all services, including SNS.
This is an offending example where it says to specify the endpoint for dynamodb:
http://docs.aws.amazon.com/amazondynamodb/latest/gettingstartedguide/GettingStarted.NodeJs.Summary.html
Instead, the endpoint should be taken out of AWS.config.update and somehow specified in each service's constructor.
Matt - That was it. Dynamodb config was what was causing this issue. Appreciate all your help.
Thanks