Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@instana/aws-lambda

Package Overview
Dependencies
Maintainers
0
Versions
235
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@instana/aws-lambda - npm Package Compare versions

Comparing version 4.0.0 to 4.0.1

11

CHANGELOG.md

@@ -6,2 +6,13 @@ # Change Log

## [4.0.1](https://github.com/instana/nodejs/compare/v4.0.0...v4.0.1) (2024-10-28)
### Bug Fixes
- **aws-lambda:** fixed error caused by missing aws-sdk during agent key retrieval from SSM ([#1402](https://github.com/instana/nodejs/issues/1402)) ([6329c66](https://github.com/instana/nodejs/commit/6329c6623e99d1f7eee5570dd9ebfa72bb953917))
### Reverts
- Revert "ci: skipped all other regions and only china region with debug" ([71f4643](https://github.com/instana/nodejs/commit/71f46431791c80af82e927361de9c9f5dd10e222))
- Revert "ci: skipping the Chinese regions from publishing lambda layers" ([1099189](https://github.com/instana/nodejs/commit/1099189dbce7840d0bebcae7a881a32d58c8fb27))
# [4.0.0](https://github.com/instana/nodejs/compare/v3.21.0...v4.0.0) (2024-10-23)

@@ -8,0 +19,0 @@

8

package.json
{
"name": "@instana/aws-lambda",
"version": "4.0.0",
"version": "4.0.1",
"description": "Instana tracing and monitoring for Node.js based AWS Lambdas",

@@ -72,6 +72,6 @@ "author": {

"dependencies": {
"@instana/core": "4.0.0",
"@instana/serverless": "4.0.0"
"@instana/core": "4.0.1",
"@instana/serverless": "4.0.1"
},
"gitHead": "eb6f977ffab2e49196e3ed8c2c6abee128a5d16c"
"gitHead": "67d792958e4031e600dff3fd4d4fc5e91093e960"
}

88

src/ssm.js

@@ -36,5 +36,3 @@ /*

module.exports.init = ({ logger }) => {
let AWS;
// CASE: Customer did not set INSTANA_SSM_PARAM_NAME, skip
// CASE: INSTANA_SSM_PARAM_NAME is not set, skip
if (!exports.isUsed()) {

@@ -53,18 +51,15 @@ return;

/**
* From https://docs.aws.amazon.com/lambda/latest/dg/lambda-nodejs.html:
*
* Your code runs in an environment that includes the AWS SDK for JavaScript,
* with credentials from an AWS Identity and Access Management (IAM) role that you manage.
* As per AWS Lambda Node.js documentation: https://docs.aws.amazon.com/lambda/latest/dg/lambda-nodejs.html
* The environment includes the AWS SDK for JavaScript, with credentials from an IAM role that you manage.
*/
// eslint-disable-next-line instana/no-unsafe-require, import/no-extraneous-dependencies
AWS = require('aws-sdk');
// eslint-disable-next-line import/no-extraneous-dependencies, instana/no-unsafe-require, prefer-const
const { SSMClient, GetParameterCommand } = require('@aws-sdk/client-ssm');
// https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html
const ssm = new AWS.SSM({ region: process.env.AWS_REGION });
const params = {
Name: envValue,
/**
* See https://docs.aws.amazon.com/cli/latest/reference/ssm/get-parameter.html#options
* The value in the parameter store was either created with type "string" or "safestring"
* A "safestring" uses a KMS key to encrypt/decrypt the value in the store.
* For more details, see:
* https://docs.aws.amazon.com/cli/latest/reference/ssm/get-parameter.html#options
* The parameter in the store is either a "string" or a "SecureString".
* A "SecureString" uses a KMS key for encryption/decryption.
*/

@@ -74,28 +69,25 @@ WithDecryption: process.env[ENV_DECRYPTION] === 'true'

logger.debug(`INSTANA_SSM_PARAM_NAME is ${envValue}.`);
ssm.getParameter(params, (err, data) => {
if (err) {
errorFromAWS = `Error from AWS-SDK SSM Parameter Store: ${err.message}`;
} else {
try {
// CASE: Customer created key with decryption KMS key, but does not tell us
if (data.Parameter.Type === 'SecureString' && process.env[ENV_DECRYPTION] !== 'true') {
errorFromAWS = 'SSM Key is a SecureString. Please pass INSTANA_SSM_DECRYPTION=true';
} else {
fetchedValue = data.Parameter.Value;
errorFromAWS = null;
logger.debug(`INSTANA AGENT KEY: ${fetchedValue}`);
}
} catch (readError) {
errorFromAWS = `Could not read returned response from AWS-SDK SSM Parameter Store: ${readError.message}`;
logger.debug(`INSTANA_SSM_PARAM_NAME is ${process.env.INSTANA_SSM_PARAM_NAME}.`);
const client = new SSMClient({ region: process.env.AWS_REGION });
const command = new GetParameterCommand(params);
client
.send(command)
.then(response => {
// CASE: The parameter is of type SecureString, but decryption wasn't specified
if (response.Parameter.Type === 'SecureString' && process.env[ENV_DECRYPTION] !== 'true') {
errorFromAWS = 'The SSM parameter is a SecureString. Please set INSTANA_SSM_DECRYPTION=true.';
} else {
fetchedValue = response.Parameter.Value;
errorFromAWS = null;
logger.debug(`INSTANA AGENT KEY: ${fetchedValue}`);
}
}
});
})
.catch(error => {
errorFromAWS = `Could not read returned response from AWS-SDK SSM Parameter Store: ${error.message}`;
});
} catch (err) {
logger.warn('AWS SDK not available.');
logger.warn('AWS SDK is not available.');
errorFromAWS =
'Could not fetch instana key from SSM parameter store using ' +
`"${process.env.INSTANA_SSM_PARAM_NAME}", because the AWS SDK is not available. ` +
`Reason: ${err.message}`;
`Unable to fetch the Instana key from the SSM Parameter Store using "${process.env.INSTANA_SSM_PARAM_NAME}",` +
` as the AWS SDK is unavailable. Reason: ${err.message}`;
}

@@ -109,3 +101,3 @@ };

}
// CASE: Customer has set INSTANA_SSM_PARAM_NAME, but we were not able to fetch the value from AWS
// CASE: INSTANA_SSM_PARAM_NAME was set, but AWS response could not be fetched
if (errorFromAWS) {

@@ -116,6 +108,7 @@ return callback(errorFromAWS);

const endInMs = Date.now();
const awsTimeoutInMs = process.env.INSTANA_AWS_SSM_TIMEOUT_IN_MS ? Number(process.env.INSTANA_AWS_SSM_TIMEOUT) : 1000;
const awsTimeoutInMs = process.env.INSTANA_AWS_SSM_TIMEOUT_IN_MS
? Number(process.env.INSTANA_AWS_SSM_TIMEOUT_IN_MS)
: 1000;
// CASE: the time between ssm lib initialisation and waitAndGetInstanaKey call
// (which is the end of the customers lambda handler) is already too big to wait for the AWS response
// CASE: The time between SSM initialization and waitAndGetInstanaKey is too long to wait for the AWS response
if (endInMs - initTimeoutInMs > awsTimeoutInMs) {

@@ -126,9 +119,8 @@ return callback(`Stopped waiting for AWS SSM response after ${awsTimeoutInMs}ms.`);

/**
* Inside AWS the call to `getParameter` mostly takes 30-50ms
* Because we initialise the fetch already before the customer's handler is called,
* the chance is very high that the interval is not even used.
*
* In our tests it takes usually ~>150ms (remote call)
* The `GetParameterCommand` call in AWS typically takes about 80 to 500ms.
* This fetching process starts before the customer's handler is invoked,
* and a delay was noticed during a cold start, so this interval may be significant in that case.
* However, it's unlikely that this interval will be needed in other scenarios.
*/
let stopIntervalAfterMs = 250;
let stopIntervalAfterMs = 500;
let ssmTimeOutEnv = process.env.INSTANA_LAMBDA_SSM_TIMEOUT_IN_MS;

@@ -139,3 +131,3 @@

// NOTE: Customer could set the timeout higher than the lambda timeout, but that is up to him
// NOTE: The customer might set a timeout greater than the Lambda timeout
if (!isNaN(ssmTimeOutEnv)) {

@@ -142,0 +134,0 @@ stopIntervalAfterMs = ssmTimeOutEnv;

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc