Amazon web services 节点加密的AWS Kinesis Firehose Lambda数据转换_Amazon Web Services_Amazon Kinesis_Amazon Kinesis Firehose_Aws Kms

Amazon web services 节点加密的AWS Kinesis Firehose Lambda数据转换

amazon-web-services

Amazon web services 节点加密的AWS Kinesis Firehose Lambda数据转换,amazon-web-services,amazon-kinesis,amazon-kinesis-firehose,aws-kms,Amazon Web Services,Amazon Kinesis,Amazon Kinesis Firehose,Aws Kms,我正在尝试为Aurora Postgres数据流编写数据转换。标识转换为我提供了如下对象： { "type": "DatabaseActivityMonitoringRecords", "version": "1.0", "databaseActivityEvents": "AYADeLZrKReAa/7tgBmd/d06ybQAXwA...BABVoaWV1Fi8LyA==", "key": "AADDDVAS ...pztPgaw==" } 所以在我看来，我

我正在尝试为Aurora Postgres数据流编写数据转换。标识转换为我提供了如下对象：

{
    "type": "DatabaseActivityMonitoringRecords",
    "version": "1.0",
    "databaseActivityEvents": "AYADeLZrKReAa/7tgBmd/d06ybQAXwA...BABVoaWV1Fi8LyA==",
    "key": "AADDDVAS ...pztPgaw=="
}

所以在我看来，我需要解密这些。我将密钥的

arn

附加到相关数据库，但我无法使数据转换正常工作。以下是我到目前为止的情况：

console.log（“加载函数”）； const zlib=require（'zlib'）； const AWS=require（'AWS-sdk'）

这给了我一个莫名其妙的错误

“errorMessage”：“错误：无法将响应正文字符串化”

我遵循下面列出的示例：

知道我做错了什么吗

exports.handler = async (event, context) => {
    /* Process the list of records and transform them */

    const output = event.records.map((record) => {

        const keyId = "arn:aws:kms:us-east-1:501..89:key/1...d7"; // I don't need this?
        const CiphertextBlob = record.data;
        const kmsClient = new AWS.KMS({region: 'us-east-1'});
        const pt = kmsClient.decrypt({ CiphertextBlob }, (err, data) => {
          if (err) console.log(err, err.stack); // an error occurred
          else {
            const { Plaintext } = data;
            console.log(data);
            return Plaintext;
          }
        });
        return { old_data : record.data,};
    });
    console.log(`Processing completed.  Successful records ${output.length}.`);
    return { records: output };
};