I'm trying to set some custom API Gateway responses using aws cli. This is the command I'm using (only the related parameter):
aws apigateway put-gateway-response --response-parameters method.response.header.Access-Control-Allow-Origin='"'"'*'"'"'
The complete command is:
aws apigateway put-gateway-response --rest-api-id w1s3nc4dxd --response-type UNAUTHORIZED --status-code 401 --response-parameters method.response.header.Access-Control-Allow-Origin='"'"'*'"'"' --response-templates '{ "application/json": "{\"errorcode\":401,\"message\":$context.error.messageString}" }' --region eu-west-1
And it fails with:
An error occurred (BadRequestException) when calling the PutGatewayResponse operation: Invalid mapping expression specified: Validation Result: warnings : [], errors : [Invalid mapping expression specified: method.response.header.Access-Control-Allow-Origin]
If it is executed without that param, everything works properly. I have also tried with the json format and same result.
--response-parameters '{"method.response.header.Access-Control-Allow-Origin":"'"'*'"'"}'
Any insight? Thanks in advance.
--- EDIT
Just for an extra clarification. This fails with all kind of response-parameters, this is not only involving Access-Control-Allow-Origin header.
I believe the format for Gateway Response parameters should be gatewayresponse.header.[name]. That will be the map key (destination), and the value (source) is either a static value (like you have) or a mapping expression to method.request.(path|querystring|header).[name] or stageVariables.[name] or context.[name]
Try using
--response-parameters '{"gatewayresponse.header.Access-Control-Allow-Origin":"'"'*'"'"}', it worked for me
Related
I am looking for setting up basic authentication mechanism using aws elb. It does support listener rules where in if specific header match then return fixed response however it looks like the fixed response is limited to headers ContentType only.
aws elbv2 modify-rule --rule-arn arn:aws:elasticloadbalancing:us-east-2:blah:listener-rule/app/blah --actions '{"Type": "fixed-response","Order": 1,"FixedResponseConfig": {"StatusCode": "401","ContentType": "text/plain","WWW-Authenticate" : "Basic realm="my realm""}}'
It looks like its not supported? Is there a reason for not supporting such a requirement ?
I get an error Parameter validation failed: Unknown parameter in Actions[0].FixedResponseConfig: "WWW-Authenticate", must be one of: MessageBody, StatusCode, ContentType
I try to use "instance_profile_credentials" at ec2 instance as credentials. However I get
2021-09-16 14:16:50 +0000 [error]: #0 unexpected error error_class=RuntimeError error="can't call S3 API. Please check your credentials or s3_region configuration. error = #<Aws::Errors::MissingCredentialsError: unable to sign request without credentials set>"
I pretty sure my s3_region is correct, and I can use cli "aws s3 cp " to copy object at command line, not sure what going wrong.
I wonder if that because I am under a http proxy. However, I already setup "proxy_uri" parameter. Not sure what else I can do to check what going wrong?
I am trying to follow along the AWS Getting Started with Lambda Tutorial, but I am having Issues actually invoking my Function using the CLI.
I came across THIS step and got two errors:
An error occurred (InvalidRequestContentException) when calling the
Invoke operation: Could not parse request body into json: Could not
parse payload into json: Unexpected character ((CTRL-CHAR, code 145)):
expected a valid value (JSON String, Number, Array, Object or token
'null', 'true' or 'false') at [Source: (byte[])"��j[�"; line: 1,
column: 2]
and
An error occurred (ResourceNotFoundException) when calling the
GetLogEvents operation: The specified log group does not exist.
I assume the first error is caused by the first command :
aws lambda invoke --function-name my-function --payload '{"key": "value"}' out.json
and the second error accordingly by:
aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5
I am more concerned about the first error.
I tried to solve this, by looking at the documentation for invoking a lambda function using the CLI. The most basic example was:
aws lambda invoke --function-name my-function --payload '{ "key":
"value" }' response.json
Using this, I get the same Error code
Could not
parse payload into json: Unexpected character ((CTRL-CHAR, code 145)):
I have asked about this in the AWS Dev Forums, but have not gotten any answer.
There where a few topics about similar errors on Stackoverflow, however they mentioned a specific character that was missing in the payload to be valid JSON.
According to google "CTRL-CHAR" sometimes points out a line break in your JSON, but there are none in this example. As far, as I can tell, the payload is valid JSON.
According to the CLI Documentation, you can also use other data types as payload. So I tried just passing a list:
aws lambda invoke --function-name my-func2 --payload '[2, 3, 4, 5]' out.json
I got the error:
Could not parse request body into json: Could not parse payload into
json: Unrecognized token 'Û': was expecting (JSON String, Number,
Array, Object or token 'null', 'true' or 'false')
Just in case anyone ever gets stuck at the same point while doing the official Lambda Tutorial:
I had the issue solved by adding:
--cli-binary-format raw-in-base64-out
as a parameter.
According to : CLI 2 AWS DOCS
This has something to do with encoding changes from CLI 1 to CLI 2.
It can also be added to to the aws config file, so you dont have to add it manually every time.
However, I am not sure why the Lambda Tutorial would not mention this, since the tutorial assumes you use CLI 2 and also guides you through the steps of the installation...
For me this way it worked in windows:
aws lambda invoke --function-name Func2 --payload {\"key1\":\"val1\"} --cli-binary-format raw-in-base64-out out.json
As suggested by MrTony, I added "--cli-binary-format raw-in-base64-out" args
I want to send image to aws api gateway in base64, hence i went through some articles where it was necessary to perform patch operations to covert the image to binary. (https://medium.com/#adil/how-to-send-an-image-as-a-response-via-aws-lambda-and-api-gateway-3820f3d4b6c8)
But after thoroughly going through the instructions and trying to apply them
chiragMacBook:new chirag912$ aws apigateway update-integration-response \
--rest-api-id q1205tf9ok \
--resource-id t4ssj5 \
--http-method GET \
--status-code 200 \
-- patch-operations '[{"op":"replace","path":"/contentHandling","value": "CONVERT_TO_BINARY"}]'
I came across this error.
An error occurred (NotFoundException) when calling the UpdateIntegrationResponse operation: Invalid Method identifier specified
Not sure if you have already figure this out yourself. But this error usually happens when you try to update integration response for a http method which doesn't exist.
So verify if there is a GET method defined. One common scenario could be that you might have defined a Proxy with ANY method and you are trying to update with GET which would result with the same error message.
aws --version
aws-cli/1.16.76 Python/2.7.10 Darwin/16.7.0 botocore/1.12.66
I'm trying to programmatically add an APNS_SANDBOX channel to a pinpoint app. I'm able to do this successfully via the pinpoint console, but not with aws cli or a lambda function which is the end goal. Changes to our Test/Prod environments can only be made via the CodePipeline, but for testing purposes I'm trying to achieve this with the aws cli.
I've tried both aws cli (using the root credentials) and a lambda function -- both result in the following error:
An error occurred (BadRequestException) when calling the UpdateApnsSandboxChannel operation: Missing credentials
I have tried setting the Certificate field in the UpdateApnsSandboxChannel json object as the path to the .p12 certificate file as well as using a string value retrieved from the openssl tool.
Today I worked with someone from aws support, and they were not able to figure out the issue after trying to debug for a couple of hours. They said they would send an email to the pinpoint team, but they did not have an ETA on when they might respond.
Thanks
I ended up getting this to work successfully -- This is why it was failing:
I was originally making the cli call with the following request object as this is what is including in the documentation:
aws pinpoint update-apns-sandbox-channel --application-id [physicalID] --cli-input-json file:///path-to-requestObject.json
{
"APNSSandboxChannelRequest": {
"BundleId": "com.bundleId.value",
"Certificate":"P12_FILE_PATH_OR_CERT_AS_STRING",
"DefaultAuthenticationMethod": "CERTIFICATE",
"Enabled": true,
"PrivateKey":"PRIVATEKEY_FILE_PATH_OR_AS_STRING",
"TeamId": "",
"TokenKey": "",
"TokenKeyId": ""
},
"ApplicationId": "Pinpoint_PhysicalId"
}
After playing around with it some more I got it to work by removing BundleId, TeamId, TokenKey, and TokenKeyId. I believe these fields are needed when using a p8 certificate.
{
"APNSSandboxChannelRequest": {
"Certificate":"P12_FILE_PATH_OR_CERT_AS_STRING",
"DefaultAuthenticationMethod": "CERTIFICATE",
"Enabled": true,
"PrivateKey":"PRIVATEKEY_FILE_PATH_OR_AS_STRING"
},
"ApplicationId": "Pinpoint_PhysicalId"
}