[Bedrock Lambda API Gateway]Trouble Shooting When Using AWS Bedrock, Lambda, and API Gateway

BRYNNBRYNN
2 min read

1. Bedrock Model Access: IAM Permissions Not Enough

  • Issue: Even with correct IAM permissions, additional access requests are needed to use Bedrock models.

  • Solution: Go to the Bedrock console and submit a "Request to Access" for the desired model. This step is required to enable model usage beyond basic IAM permissions.

2. Trust Policy Updates for API Gateway and Lambda

  • Objective: Allow API Gateway and Lambda to use a specific IAM role.

  • Solution: Modify the trust policy.

Updated Trust Policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    },
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "apigateway.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

  • Explanation: This trust policy allows both Lambda and API Gateway to assume the specified IAM role, enabling seamless interaction between these services.

  • What is a Trust Policy?:

    • It defines which AWS services can assume a specific IAM role, different from identity-based or resource-based policies.

3. Lambda Function Testing: Differences Between Direct and API Gateway Invocations

Context: Different testing methods require different request formats due to the Lambda Proxy Integration setup in API Gateway.

Direct Lambda Testing:

  • Method: Include the body field in the event payload when testing directly from the Lambda console.

  • Test Example:

      {
    "body": "{\"estimate\": { \"CPU\": { \"Model\": \"Ryzen 5 3600\", \"Company\": \"AMD\" } }}"
  }

  • Reason: The body field is a string containing JSON data, simulating how API Gateway passes data to Lambda when using Lambda Proxy Integration.

API Gateway Testing:

  • Method: API Gateway passes the request payload directly, including it in the body field of the event object automatically due to the Lambda Proxy Integration setup.

  • Test Example:

      {
    "estimate": { 
      "CPU": { 
        "Model": "Ryzen 5 3600", 
        "Company": "AMD" 
      }
    }
  }

  • Reason: API Gateway sends the request data as-is, placing it into the body field automatically, so the Lambda function needs to handle it accordingly.

Key Points:

  • Lambda Console Testing: Include the body field in the request payload manually to simulate how API Gateway wraps the data.

  • API Gateway Testing: API Gateway automatically places the request data in the body field when using Lambda Proxy Integration.

Note: These differences in testing arise due to the Lambda Proxy Integration setup in API Gateway, which automatically wraps the request payload in a body field when it invokes the Lambda function.

0
Subscribe to my newsletter

Read articles from BRYNN directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AWSAmazon BedrockAPIlambda

Written by

BRYNN
BRYNN