You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a Lambda function configured to use the Node.js APM agent and with captureHeaders: true (the default) receives a SNS or SQS event with message attributes, it will result in a transaction object with bogus context.message.headers that breaks the APM server transaction schema and breaks on intake with an error like this:
APM server response body: {"accepted":0,"errors":[{"message":"decode error: data read error: v2.transactionRoot.Transaction: v2.transaction.SpanCount: v2.transactionSpanCount.Context: v2.context.Message: v2.contextMessage.Headers: invalid input for HTTPHeader: map[Type:String Value:this is my foo value]","document":"{\"transaction\":{\"name\":\"RECEIVE trentm-play-topic1\",\"type\":\"messaging\",\"result\":\"success\",\"id\":\"9176fe68d4e3b953\",\"trace_id\":\"208075b3b3fd2ac6b549711d94e877f2\",\"duration\":60.559,\"timestamp\":1646781029978068,\"sampled\":true,\"context\":{\"user\":{},\"tags\":{},\"custom\":{},\"service\":{\"origin\":{\"name\":\"trentm-play-topic1\",\"id\":\"arn:aws:sns:us-west-2:627286350134:trentm-play-topic1\",\"version\":\"1.0\"}},\"cloud\":{\"origin\":{\"provider\":\"aws\",\"region\":\"us-west-2\",\"service\":{\"name\":\"sns\"},\"account\":{\"id\":\"627286350134\"}}},\"message\":{\"queue\":{\"name\":\"trentm-play-topic1\"},\"age\":{\"ms\":1247},\"headers\":{\"foo\":{\"Type\":\"String\",\"Value\":\"this is my foo value\"}}}},\"span_count\":{\"started\":0},\"outcome\":\"success\",\"faas\":{\"id\":\"arn:aws:lambda:us-west-2:627286350134:function:trentm-play-fn1\",\"coldstart\":true,\"execution\":\"cc8565c8-a165-4b02-b606-8d477659a40a\",\"trigger\":{\"type\":\"pubsub\",\"request_id\":\"8d426c7c-fe30-5f4b-9a12-36dd1a940ae0\"}},\"sample_rate\":1}}"}]}
The error message from that is v2.contextMessage.Headers: invalid input for HTTPHeader: map[Type:String Value:this is my foo value] when it was given a transaction document with:
Add that topic as a trigger for your Node.js Lambda function. I used the AWS console for this -- because it helpfully sets up the required IAM role.
Publish a message to that topic:
aws sns publish \
--topic-arn arn:aws:sns:us-west-2:627286350134:trentm-play-topic1 \
--message 'this is my message' --subject 'this is my subject' \
--message-attributes '{"foo": {
"DataType": "String",
"StringValue": "this is my foo value"
}}'
Look at the Lambda function's log. You should see the above error.
The message attributes. Should only be captured, if capturing headers is enabled in the configuration.
record.messageAttributes
...
context.message.headers
-
The message attributes. Should only be captured, if capturing headers is enabled in the configuration.
record.sns.messageAttributes
However, this is misleading. The expected "context.message.headers" format is a mapping of string keys to values that are null, a string, or an array of strings. JSON schema:
"headers": {
"description": "Headers received with the message, similar to HTTP request headers.",
"type": [
"null",
"object"
],
"additionalProperties": false,
"patternProperties": {
"[.*]*$": {
"type": [
"null",
"array",
"string"
],
"items": {
"type": "string"
}
}
}
},
But the format of SNS message attributes is, e.g.:
Add an SQS trigger to your Node.js Lambda function from this queue. I needed to add the managed "AWSLambdaSQSQueueExecutionRole" IAM policy to the role assigned to my function: AWS Lambda console > Configuration > Permissions > "Edit" button on the "Execution role" box.
Send a message with message attributes to the queue:
… attributes for lambda transaction
- If a SNS or SQS single event trigger to an instrumented Lambda
function includes message attributes with the name "traceparent" (and
"tracestate"), case-insensitive, then those are used to continue the
trace. This was already being done for API Gateway event headers.
- Also, fix a bug in the capturing of SNS and SQS message attributes as
"transaction.context.message.headers". Note that only "String"-type
message attributes are captured. Binary-type attributes are base64
encoded. I'm not sure of the value in capturing them.
Closes: #1831Fixes: #2605
Refs: elastic/apm#614
… attributes for lambda transaction (#2606)
- If a SNS or SQS single event trigger to an instrumented Lambda
function includes message attributes with the name "traceparent" (and
"tracestate"), case-insensitive, then those are used to continue the
trace. This was already being done for API Gateway event headers.
- Also, fix a bug in the capturing of SNS and SQS message attributes as
"transaction.context.message.headers". Note that only "String"-type
message attributes are captured. Binary-type attributes are base64
encoded. I'm not sure of the value in capturing them.
Closes: #1831Fixes: #2605
Refs: elastic/apm#614
the bug
If a Lambda function configured to use the Node.js APM agent and with
captureHeaders: true
(the default) receives a SNS or SQS event with message attributes, it will result in a transaction object with boguscontext.message.headers
that breaks the APM server transaction schema and breaks on intake with an error like this:The error message from that is
v2.contextMessage.Headers: invalid input for HTTPHeader: map[Type:String Value:this is my foo value]
when it was given a transaction document with:SNS repro
Add that topic as a trigger for your Node.js Lambda function. I used the AWS console for this -- because it helpfully sets up the required IAM role.
Publish a message to that topic:
details
The lambda instrumentation spec says
However, this is misleading. The expected "context.message.headers" format is a mapping of string keys to values that are
null
, a string, or an array of strings. JSON schema:But the format of SNS message attributes is, e.g.:
and of SQS message attributes:
The text was updated successfully, but these errors were encountered: