如何解决嵌套工作流 - 请求中包含的安全令牌无效
我使用 local docker StepFunctions setup 并尝试使用 sync
或 waitForTaskToken
在 StateMachine(嵌套工作流)中调用 StateMachine。但是有这个错误(见下文)。
有人知道这是什么意思吗?是不是因为本地 StepFunctions 服务不允许 StateMachine 调用另一个 StateMachine?
2021-01-15 02:11:03.336: arn:aws:states:us-east-1:123456789012:execution:Foobar-Dev:6bae52c1-3562-44a5-88fd-68a533f054bf :
{
"Type":"TaskFailed","PrevIoUsEventId":29,"TaskFailedEventDetails":{
"ResourceType":"states","Resource":"startExecution.sync","Error":"StepFunctions-AWsstepFunctionsException","Cause":"The security token included in the request is invalid. (Service: AWsstepFunctions; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: ca3a983d-3496-4d48-854a-1bb803a44f2a; Proxy: null)"
}
}
主要工作流定义:
"FoobarWorkflow": {
"Type": "Task","Resource": "arn:aws:states:::states:startExecution.sync","Parameters": {
"StateMachineArn": "arn:aws:states:us-east-1:123456789012:stateMachine:Foobar-Dev","Input": {
"NeedCallback": false,"AWS_STEP_FUNCTIONS_STARTED_BY_EXECUTION_ID.$": "$$.Execution.Id"
}
},
子工作流定义:
{
"Comment": "Foobar-Dev","StartAt": "Screening","Version": "1.0","TimeoutSeconds": 480,"States": {
"Screening": {
"Type": "Task","Resource": "arn:aws:states:us-east-1:123456789012:activity:ScreeningActivity-Dev","Next": "ScreeningChoiceState","Retry": [
{
"ErrorEquals": [
"States.TaskFailed","States.Runtime"
],"IntervalSeconds": 3,"MaxAttempts": 3,"BackoffRate": 2
}
],"Catch": [
{
"ErrorEquals": [
"States.TaskFailed","Next": "DefaultSystemFailure","ResultPath": "$.error"
},{
"ErrorEquals": [
"States.ALL"
],"ResultPath": "$.error"
}
]
},...
"ScreeningFinalDecision": {
"Type": "Task","Resource": "arn:aws:states:us-east-1:123456789012:activity:ScreeningFinalDecision-Dev","End": true
}
解决方法
经过一番挖掘,似乎对于本地 StepFunction docker 设置,我们需要为 access_key_id
和 secret_access_key
传递额外的环境变量以启用嵌套工作流。
文档谈到了这个here。
要为 Docker 配置 Step Functions Local,请创建以下内容
文件:aws-stepfunctions-local-credentials.txt
。
此文件包含您的凭据和其他配置选项, 如下所示。
AWS_DEFAULT_REGION=AWS_REGION_OF_YOUR_AWS_RESOURCES
AWS_ACCESS_KEY_ID=YOUR_AWS_ACCESS_KEY
AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_KEY
一旦您在 aws-stepfunctions-local-credentials.txt,用 以下命令。
docker run -p 8083:8083 --env-file aws-stepfunctions-local-credentials.txt amazon/aws-stepfunctions-local
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。