One thing that helps policy related issues is testing it with the Policy generator - https://serverless-stack.com/chapters/debugging-serverless-api-issues.html#missing-iam-policy
Give that a try.
Wow thatâs really weird. Any idea why that was happening?
I think there is something wrong with updating a note after it has been created. I get a 500 error on the front end at www.alexanderrobertnovotny.com I tried testing with the npx aws-api-gateway-cli-test command in command prompt with the appropriate credentials, I get the following:
Making API request
{
status: 500,
statusText: 'Internal Server Error',
data: { status: false }
}
I did some googling. canât find anything. Any thoughts? Github repos are under un smartoneinok
Since itâs a 500 error, that means that it is being thrown in your Lambda code. You can add a console.log and check the Lambda logs to see what is going on. You can read up on the logs here:
So far this has been a great tutorial and everything has installed without issue but Iâm stuck on testing the API. Iâm using Windows Power Shell and this is my command for testing through the CLI.
npx aws-api-gateway-cli-test --username admin@example.com --password Passw0rd! --user-pool-id us-east-2_hTBuyaPY1 --app-client-id 5hg6dpe4464n6tsdl0p31r12oa --cognito-region us-east-2 --identity-pool-id us-east-2:e27f1419-7666-4f6c-ad5b-920ea07f82b2 --invoke-url https://7zu3cgym2i.execute-api.us-east-2.amazonaws.com/prod --api-gateway-region us-east-2 --path-template /notes --method POST --body "{\"content\":\"hello world\",\"attachment\":\"hello.jpg\"}"
and the return from the command.
npx: installed 105 in 9.227s
Authenticating with User Pool
Getting temporary credentials
Making API request
undefined:1
{\
^
SyntaxError: Unexpected token \ in JSON at position 1
at JSON.parse (<anonymous>)
at makeRequest (C:\Users\pedge\AppData\Roaming\npm-cache\_npx\33900\node_modules\aws-api-gateway-cli-test\index.js:169:19)
at C:\Users\pedge\AppData\Roaming\npm-cache\_npx\33900\node_modules\aws-api-gateway-cli-test\index.js:151:5
at C:\Users\pedge\AppData\Roaming\npm-cache\_npx\33900\node_modules\aws-api-gateway-cli-test\node_modules\aws-sdk\lib\credentials.js:124:23
at C:\Users\pedge\AppData\Roaming\npm-cache\_npx\33900\node_modules\aws-api-gateway-cli-test\node_modules\aws-sdk\lib\credentials.js:212:15
at processTicksAndRejections (internal/process/task_queues.js:79:9)
Any help would be appreciated.
I see this in the logs⌠Iâve tried everything⌠even giving the lamba role full admin access. Any thoughts? User: arn:aws:sts::096540422449:assumed-role/notes-app-2-api-prod-us-east-1-lambdaRole/notes-app-2-api-prod-update is not authorized to perform: dynamodb:UpdateItem on resource: arn:aws:dynamodb:us-east-1:096540422449:table/notes', code: 'AccessDeniedException,
This is the lambda role policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "logs:CreateLogStream",
"Resource": [
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-create:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-get:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-list:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-update:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-billing:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-delete:*"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "logs:PutLogEvents",
"Resource": [
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-create:*:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-get:*:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-list:*:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-update:*:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-billing:*:*",
"arn:aws:logs:us-east-1:096540422449:log-group:/aws/lambda/notes-app-2-api-prod-delete:*:*"
]
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"dynamodb:DescribeReservedCapacityOfferings",
"dynamodb:ListGlobalTables",
"dynamodb:ListTables",
"dynamodb:DescribeReservedCapacity",
"dynamodb:ListBackups",
"dynamodb:PurchaseReservedCapacityOfferings",
"dynamodb:DescribeLimits",
"dynamodb:ListStreams"
],
"Resource": "*"
},
{
"Sid": "VisualEditor3",
"Effect": "Allow",
"Action": "dynamodb:*",
"Resource": "arn:aws:dynamodb:us-east-1:096540422449:table/prod-notes"
}
]
}
thats what my issue was and thanks for providing input!
1 Like
Hello Peetss and @jayair,
were you guys able to get this working? I am still running into some issues being able to correctly pass in query params to a custom GET request I have been building. Any help following the notes app example/context would be greatly appreciated!
Hmm it seems like the client is doing a bad job with the error messages. Itâs basically complaining that the JSON parse for the --body argument failed.
Iâm not completely sure how it works in Windows but maybe there is an issue with the quotes?
This IAM role is related to the one in the serverless.yml. I would double-check the formatting for that one.
I recently added some examples to the README with query parameters. Give it a try!
I had the same issue and solved my problem as well
Hello! I am experiencing issues with the huge block of text that we are supposed to run.
My error is:
getaddrinfo ENOTFOUND cognito-identity.âus-east-2â.amazonaws.com
I think it might be coming from the Create a cognito identity pool > edit policy document step, since that is the only time I have seen the phrase cognitoidentity.amazonaws.com come up.
If itâs useful information, this is my second time doing this tutorial and I am using the same admin user / access key id / secret access key from the first time.
getaddrinfo ENOTFOUND cognito-identity.xn --us-east-2-499dua.amazonaws.com
^^ sorry I donât know why the error looks different. Here it is again, this time without a space btwn .xn and --us
ISSUE SOLVED IF YOU ARE EXPERIENCING ERROR 400 / ERROR 500;
I have spent the last two hours debugging and following the debugging guide, which was super helpful because it taught me how to utilize CloudWatch to debug and read the errors.
Guys/gals, if you are experiencing error 400, must likely permission/denied access errors.
Make sure your IAM -> Roles -> appname-prod-region-ambdaRole is granted AdminstratorAccess.
This will solve your Denied/Permission issues with Lambda trying to putitem into the database.
If you are experiencing ERROR 500,;
see picture below
AGAIN!!! Ensure your IAM -> Role -> AdminstratorAccess is granted.
And then make sure your response-lib.js file -> buildResponse function -> under body: -> you have JSON.stringify(body)
And then make sure when you are calling this in terminal;
npx aws-api-gateway-cli-test \
âusername=âadmin@example.comâ \
âpassword=âPassw0rd!â \
âuser-pool-id=âus-east-1_Rx6sNrGEKâ \
âapp-client-id=â3bu730tardbdt3qmjr954njptâ \
âcognito-region=âus-east-1â \
âidentity-pool-id=âus-east-1:b132f645-c676-4279-ae0d-1074cd87beb7â \
âinvoke-url=âhttps://lparjfk05h.execute-api.us-east-1.amazonaws.com/prodâ \
âapi-gateway-region=âus-east-1â \
âpath-template=â/notesâ \
âmethod=âPOSTâ \
âbody="{âtitleâ:âbuy shoesâ,âcontentâ:âalot of shoesâ,âpriorityâ:â1â,âattachmentâ:âhello.jpgâ}"
THIS IS IMPORTANT!!! --> in the guide for macOS users, under --body="âŚ" it indicates no backslash in the given value.
I tried with this:
âbody=â{âcontentâ:âhello worldâ,âattachmentâ:âhello.jpgâ}â
THIS GAVE ME THE ERROR IN RESPONSE FROM THE API
I changed it to this:
âbody="{âtitleâ:âbuy shoesâ,âcontentâ:âalot of shoesâ,âpriorityâ:â1â,âattachmentâ:âhello.jpgâ}"
This passed immediately. I figured this out by backtracking to the mocks -> create-event.json file. We were passing in JSON object to do test the mock files in the earlier sections of the guide.
Anyways, hope this helps.
1 Like
Hey angququ,
Can you please provide more direction to the issue?
Including;
- What you were trying to do.
- At what step the error occured?
- Are you using doing this tutorial on a Windows/MacOs?
4.Providing picture/screenshot image would greatly help us troubleshoot with you!
Thank you,
Anchen
Hi, yes I can provide that information for you.
I am at the ânpx aws-api-gateway-cli-testâ step, where we enter in the huge block of text into our terminal.
This is the error that Iâm getting. Iâm using a MacOS!
Thank you Angququ,
So what ENOTFOUND means that when you are making this aws api gateway call, the server canât find or is unable to connect to the given address.
But now, it seems like your identity pool and users pool is good. Otherwise you wouldnât get pass the getting temporary credentials.
I just tried to replicate your issue. I removed a few characters off my invoke-url="âŚ" and I immediately get the ENOTFOUND - the weirdest part is, your ENOUTFOUND is indicating a different route and not your own invoke-url one.
Can you go to AWS console -> API GATEWAY -> On the left side under the API you created -> click resources and make sure you have the correct "/path-templateâ.
Then on the left side click stages -> click prod -> then you should see a list of items come up, make sure you see invoke URL with a blue background -> copy and paste that URL line into your invoke-url.
Let me know how it goes.
