Newbe Dev Stack

Answer : Lambda is standalone service that doesn't need to be integrated with API Gateway. queryStringParameters , body , body mapping templates , all of this is specific not to Lambda, but to Lambda - API Gateway integration. If you are using Lambda with other services then the data is usually passed directly via event object and there is not much of a reason to pass it in some other way. For example, you can subscribe Lambda function to S3 bucket and use it to programatically process events such as file being uploaded to your bucket. In this case, information such as bucket name, object key, object data, metadata, ... will be passed directly via event object. And, when using Lambda with API Gateway, why would you want to use body mapping templates to pass data to your Lambda function directly via event object? Because you can reuse that function much easier for other purposes (if viable in your scenario), because your Lambda function will have much simpler interface,...

Answer : As noted by Michael , this is the error message you will see when you reach the documented default " safety " limit of 100 concurrent invocations : " AWS Lambda has a default safety throttle of 100 concurrent executions per account per region. If you wish to submit a request to increase the throttle of 100 concurrent executions you can visit our Support Center ..." The solution was to open a support ticket providing the following info: Limit increase request 1 Service: Lambda Region: EU (Ireland) Limit name: concurrent requests (average duration * average TPS) New limit value: 2000 And then in the body of the ticket/request try to estimate your usage pattern: Expected average requests per second: 200 Expected peak requests per second: 2000 Expected function duration: 2 seconds Function memory size: 1000mb Invocation Type: Request-response Event Source: Api Gateway & Lambda<->Lambda It can take a while to get a res...

Answer : Usually, when you see Malformed Lambda proxy response , it means your response from your Lambda function doesn't match the format API Gateway is expecting, like this { "isBase64Encoded": true|false, "statusCode": httpStatusCode, "headers": { "headerName": "headerValue", ... }, "body": "..." } If you are not using Lambda proxy integration, you can login to API Gateway console and uncheck the Lambda proxy integration checkbox. Also, if you are seeing intermittent Malformed Lambda proxy response , it might mean the request to your Lambda function has been throttled by Lambda, and you need to request a concurrent execution limit increase on the Lambda function. If lambda is used as a proxy then the response format should be { "isBase64Encoded": true|false, "statusCode": httpStatusCode, "headers": { "headerName": "headerValue", ......

Answer : This error is common if you try to deploy a Lambda in a VPC without giving it the required network interface related permissions ec2:DescribeNetworkInterfaces , ec2:CreateNetworkInterface , and ec2:DeleteNetworkInterface (see AWS Forum). For example, this a policy that allows to deploy a Lambda into a VPC: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ec2:DescribeNetworkInterfaces", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:DescribeInstances", "ec2:AttachNetworkInterface" ], "Resource": "*" } ] } If you are using terraform, just add: resource "aws_iam_role_policy_attachment" "AWSLambdaVPCAccessExecutionRole" { role = aws_iam_role.lambda.name policy_arn = "arn:aws:iam::aws:po...

Answer : While I can't say specifically what happened in your situation, the error message means that the Role/User that CloudFormation used to deploy resources did not have appropriate iam:PassRole permissions. The iam:PassRole permission is used when assigning a role to resources. For example, when an Amazon EC2 instance is launched with an IAM Role, the entity launching the instance requires permission to specify the IAM Role to be used. This is done to prevent users gaining too much permission . For example, a non-administrative user should not be allowed to launch an instance with an Administrative role, since they would then gain access to additional permissions to which they are not entitled. In the case of your template, it would appear that CloudFormation is creating a function and is assigning the FnRole permission to that function. However, the CloudFormation template has not been given permission to assign this role to the function . When a CloudFormation te...