I've been working with AWS since last night and today so please excuse my ignorance and lack of terminology.
I currently have an EC2 Instance running an Unreal Engine Dedicated Game Server and I'm able to connect to it as a Client.
This tells me I've setup the permissions and routing correctly since I'm able to SSH as well as connect and play the game remotely.
The current task is to create UI that shows a server list and I'm having a hard time understanding how I could troubleshoot why my call to ec2.describeInstances() from my Lambda function isn't working.
This is (one of the many variations) of the code I'm using:
let aws = require('aws-sdk');
let ec2 = new aws.EC2({apiVersion: '2016-11-15'});
aws.config.update({region: 'us-east-2'});
exports.handler = async function (event) {
console.log("Describe Instance\n");
await ec2.describeInstances({}, (e, data) => {
console.log("Callback\n");
e ? console.log(e) : console.log(data);
});
};
I've been reading the documentation as well as previous questions and answers but it seems that some folks insist that you need a NAT while others say you only need a NAT if your Lambda function needs access to the internet.
However, your Lambda only needs access to the internet if it's attached to a VPC - but even if it's attached to be a VPC, I'm still able to call it remotely without setting up a NAT so I don't understand how that works.
Either way, my Lambda is not attached to a VPC nor does it need to be (as far as I understand) due to my EC2 being on a public subnet anyway so my Lambda should be able to see it and communicate with it.
Although, I'm assuming ec2.describeInstances will get ALL of my instances (at least that's what I'm hoping for). Does that mean I need to provide the Lambda with some global account access or something?
Any pointers in the right direction would be greatly appreciated. Thank you!
EDIT: The Lambda has the following Execution role permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "EC2InstanceConnect",
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeVpcs",
"ec2:DescribeRegions",
"ec2:DescribeVolumes",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:CreateNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DeleteNetworkInterface",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": [
"*",
"arn:aws:logs:*:*:*"
]
}
]
}
EDIT 2: I threw up a quick node app and tried this and was able to successfully get the instances. Still working on trying to figure out why this same exact function call isn't working when being called from AWS Lambda.
import aws from "aws-sdk"
aws.config.update({
credentials: new aws.Credentials("KEY", "SECRET"),
region: 'us-east-2'
})
let ec2 = new aws.EC2();
ec2.describeInstances((err, data) => {
err ? console.log(err) : console.log(data);
});
EDIT 3: I've created a test for my Lambda (within Lambda) and when executing it I can see my console log for Describe Instance as such - note that this is before ec2.describeInstances gets called:
This happens sporadically, but when I click Test again, I'm sometimes getting my EC2 instance data. However, it's not always the same output - sometimes the data is truncated in very odd places.
Here's an example of the latest test that successfully brought data back in a somewhat "full" manner. However, notice the console logs don't make any sense. Describe Instances is called BEFORE I call ec2.describeInstances yet the test Starts, prints Callback, prints the data from the callback, and then finally prints Describe Instance and Ends.
It's almost as if I'm getting this data from a previous call? Which doesn't make any sense but due to the weird log output, I'm a bit more confused than I was before!