Amazon web services 节点加密的AWS Kinesis Firehose Lambda数据转换
我正在尝试为Aurora Postgres数据流编写数据转换。标识转换为我提供了如下对象:Amazon web services 节点加密的AWS Kinesis Firehose Lambda数据转换,amazon-web-services,amazon-kinesis,amazon-kinesis-firehose,aws-kms,Amazon Web Services,Amazon Kinesis,Amazon Kinesis Firehose,Aws Kms,我正在尝试为Aurora Postgres数据流编写数据转换。标识转换为我提供了如下对象: { "type": "DatabaseActivityMonitoringRecords", "version": "1.0", "databaseActivityEvents": "AYADeLZrKReAa/7tgBmd/d06ybQAXwA...BABVoaWV1Fi8LyA==", "key": "AADDDVAS ...pztPgaw==" } 所以在我看来,我
{
"type": "DatabaseActivityMonitoringRecords",
"version": "1.0",
"databaseActivityEvents": "AYADeLZrKReAa/7tgBmd/d06ybQAXwA...BABVoaWV1Fi8LyA==",
"key": "AADDDVAS ...pztPgaw=="
}
所以在我看来,我需要解密这些。我将密钥的arn
附加到相关数据库,但我无法使数据转换正常工作。以下是我到目前为止的情况:
console.log(“加载函数”);
const zlib=require('zlib');
const AWS=require('AWS-sdk')
这给了我一个莫名其妙的错误“errorMessage”:“错误:无法将响应正文字符串化”
我遵循下面列出的示例:
知道我做错了什么吗
exports.handler = async (event, context) => {
/* Process the list of records and transform them */
const output = event.records.map((record) => {
const keyId = "arn:aws:kms:us-east-1:501..89:key/1...d7"; // I don't need this?
const CiphertextBlob = record.data;
const kmsClient = new AWS.KMS({region: 'us-east-1'});
const pt = kmsClient.decrypt({ CiphertextBlob }, (err, data) => {
if (err) console.log(err, err.stack); // an error occurred
else {
const { Plaintext } = data;
console.log(data);
return Plaintext;
}
});
return { old_data : record.data,};
});
console.log(`Processing completed. Successful records ${output.length}.`);
return { records: output };
};