Search code examples
aws-lambdaboto3amazon-keyspaces

Accessing AWS Keyspaces service from an AWS Lambda through boto3

I am trying to access the keyspaces service through boto3 since it is referenced in the official doc ... However when I try from a sample lambda:

def lambda_handler(event: Dict[str, Any], context: Any):
    client = boto3.client('keyspaces')
    print(client.get_table(keyspaceName='mykeyspace', tableName='mytable'))
    return {
        'status': 'completed'
    }

I get the following error message, which basically says that "keyspaces" are not available.

{
  "errorMessage": "Unknown service: 'keyspaces'. Valid service names are: accessanalyzer, account, acm, acm-pca, alexaforbusiness, amp, amplify, amplifybackend, amplifyuibuilder, apigateway, apigatewaymanagementapi, apigatewayv2, appconfig, appconfigdata, appflow, appintegrations, application-autoscaling, application-insights, applicationcostprofiler, appmesh, apprunner, appstream, appsync, athena, auditmanager, autoscaling, autoscaling-plans, backup, backup-gateway, batch, braket, budgets, ce, chime, chime-sdk-identity, chime-sdk-meetings, chime-sdk-messaging, cloud9, cloudcontrol, clouddirectory, cloudformation, cloudfront, cloudhsm, cloudhsmv2, cloudsearch, cloudsearchdomain, cloudtrail, cloudwatch, codeartifact, codebuild, codecommit, codedeploy, codeguru-reviewer, codeguruprofiler, codepipeline, codestar, codestar-connections, codestar-notifications, cognito-identity, cognito-idp, cognito-sync, comprehend, comprehendmedical, compute-optimizer, config, connect, connect-contact-lens, connectparticipant, cur, customer-profiles, databrew, dataexchange, datapipeline, datasync, dax, detective, devicefarm, devops-guru, directconnect, discovery, dlm, dms, docdb, drs, ds, dynamodb, dynamodbstreams, ebs, ec2, ec2-instance-connect, ecr, ecr-public, ecs, efs, eks, elastic-inference, elasticache, elasticbeanstalk, elastictranscoder, elb, elbv2, emr, emr-containers, es, events, evidently, finspace, finspace-data, firehose, fis, fms, forecast, forecastquery, frauddetector, fsx, gamelift, glacier, globalaccelerator, glue, grafana, greengrass, greengrassv2, groundstation, guardduty, health, healthlake, honeycode, iam, identitystore, imagebuilder, importexport, inspector, inspector2, iot, iot-data, iot-jobs-data, iot1click-devices, iot1click-projects, iotanalytics, iotdeviceadvisor, iotevents, iotevents-data, iotfleethub, iotsecuretunneling, iotsitewise, iotthingsgraph, iottwinmaker, iotwireless, ivs, kafka, kafkaconnect, kendra, kinesis, kinesis-video-archived-media, kinesis-video-media, kinesis-video-signaling, kinesisanalytics, kinesisanalyticsv2, kinesisvideo, kms, lakeformation, lambda, lex-models, lex-runtime, lexv2-models, lexv2-runtime, license-manager, lightsail, location, logs, lookoutequipment, lookoutmetrics, lookoutvision, machinelearning, macie, macie2, managedblockchain, marketplace-catalog, marketplace-entitlement, marketplacecommerceanalytics, mediaconnect, mediaconvert, medialive, mediapackage, mediapackage-vod, mediastore, mediastore-data, mediatailor, memorydb, meteringmarketplace, mgh, mgn, migration-hub-refactor-spaces, migrationhub-config, migrationhubstrategy, mobile, mq, mturk, mwaa, neptune, network-firewall, networkmanager, nimble, opensearch, opsworks, opsworkscm, organizations, outposts, panorama, personalize, personalize-events, personalize-runtime, pi, pinpoint, pinpoint-email, pinpoint-sms-voice, polly, pricing, proton, qldb, qldb-session, quicksight, ram, rbin, rds, rds-data, redshift, redshift-data, rekognition, resiliencehub, resource-groups, resourcegroupstaggingapi, robomaker, route53, route53-recovery-cluster, route53-recovery-control-config, route53-recovery-readiness, route53domains, route53resolver, rum, s3, s3control, s3outposts, sagemaker, sagemaker-a2i-runtime, sagemaker-edge, sagemaker-featurestore-runtime, sagemaker-runtime, savingsplans, schemas, sdb, secretsmanager, securityhub, serverlessrepo, service-quotas, servicecatalog, servicecatalog-appregistry, servicediscovery, ses, sesv2, shield, signer, sms, sms-voice, snow-device-management, snowball, sns, sqs, ssm, ssm-contacts, ssm-incidents, sso, sso-admin, sso-oidc, stepfunctions, storagegateway, sts, support, swf, synthetics, textract, timestream-query, timestream-write, transcribe, transfer, translate, voice-id, waf, waf-regional, wafv2, wellarchitected, wisdom, workdocs, worklink, workmail, workmailmessageflow, workspaces, workspaces-web, xray",
  "errorType": "UnknownServiceError",
  "stackTrace": [
    "  File \"/var/task/lambda_function.py\", line 39, in lambda_handler\n    client = boto3.client(\"keyspaces\")\n",
    "  File \"/var/runtime/boto3/__init__.py\", line 93, in client\n    return _get_default_session().client(*args, **kwargs)\n",
    "  File \"/var/runtime/boto3/session.py\", line 270, in client\n    return self._session.create_client(\n",
    "  File \"/var/runtime/botocore/session.py\", line 841, in create_client\n    client = client_creator.create_client(\n",
    "  File \"/var/runtime/botocore/client.py\", line 83, in create_client\n    service_model = self._load_service_model(service_name, api_version)\n",
    "  File \"/var/runtime/botocore/client.py\", line 150, in _load_service_model\n    json_model = self._loader.load_service_model(service_name, 'service-2',\n",
    "  File \"/var/runtime/botocore/loaders.py\", line 132, in _wrapper\n    data = func(self, *args, **kwargs)\n",
    "  File \"/var/runtime/botocore/loaders.py\", line 377, in load_service_model\n    raise UnknownServiceError(\n"
  ]
}

Does anybody know if keyspaces are actually available in AWS Lambda through boto3?

Solution

  • The error indicates that keyspaces is not available with current boto3 version available with lambda runtime. As per below link it is boto3-1.20.32

    https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html

    I have also gone through boto3 changelog and unable to find when keyspaces support added to boto3, but I am able to see some changes/fixes done to boto3 version 1.21.x

    https://github.com/boto/boto3/blob/develop/CHANGELOG.rst#12120

    How ever you can still try creating lambda layers with latest boto3 versions as explained below and use keyspaces with it.

    https://aws.amazon.com/premiumsupport/knowledge-center/lambda-python-runtime-errors/

    Below link talks about one another way to connect to keyspaces via lambda:

    https://github.com/aws-samples/aws-keyspaces-lambda-python

    secret_client = boto3.client('secretsmanager')
secret_response = secret_client.get_secret_value(SecretId=CASSANDRA_CREDS)
secret = json.loads(secret_response.get('SecretString'))

cassandra_user = secret['ServiceSpecificCredential']['ServiceUserName']
cassandra_password = secret['ServiceSpecificCredential']['ServicePassword']
auth_provider = PlainTextAuthProvider(username=cassandra_user, password=cassandra_password)

ssl_context = SSLContext(PROTOCOL_TLSv1)
ssl_context.load_verify_locations('AmazonRootCA1.pem')
ssl_context.verify_mode = CERT_REQUIRED
cluster = Cluster(['cassandra.{}.amazonaws.com'.format(AWS_DEFAULT_REGION)], port=9142, ssl_context=ssl_context, auth_provider=auth_provider)
session = cluster.connect()