Prisma cloud[ERROR] Runtime.ImportModuleError: Unable to import module 'twistlock': Failed to import module: lambda_function Traceback (most recent ca

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Prisma cloud[ERROR] Runtime.ImportModuleError: Unable to import module 'twistlock': Failed to import module: lambda_function Traceback (most recent ca

L0 Member

We are getting the following error in our Lambdas, 

 

[ERROR] Runtime.ImportModuleError: Unable to import module 'twistlock': Failed to import module: lambda_function

Traceback (most recent call last):

 

After troubleshooting, our team identifies that is due Prisma Defender, apparently the lambda handler was changed to twistlock.handler.

10 REPLIES 10

L4 Transporter

Greetings SPerry5,

 

I hope that this note finds you well! I know that it has been a while since you had posted this question but I wanted to see if you still potentially needed any help. Thank you for your time and I hope that you have a good remainder of your day.

 

Kind Regards,

J. Avery King

J. Avery King | Prisma Cloud | Customer Success Engineer

L1 Bithead

We are also having the same issue,, Can we know the cause of this error message?

Hi Amy,

I have started to research this so I can try to assist.

Could you please answer the following?

 

1) Was the function working prior to adding the defender? We need to be certain that there are no issues here first.

2) How did you configure protection? (three options: auto-defend, manual embedding, adding a layer)

3) What programming/scripting language is the function?

4) Are you able to share the function with us for testing or some sanitized version without proprietary data / code, etc ?

 

Regards,

Brandon Goldstein, Sr. Customer Success Engineer, Prisma Cloud | PCCSE, GCP PCSE

Here are some hints...

the language is python.

the lambda's entry point is a module named twistlock with a method named handler().

its likely that the lambda function's file should be named twistlock.py

Tommy Hunt AWS-CSA, Java-CEA, PMP, SAFe Program Consultant
thunt@citrusoft.org
https://www.citrusoft.org

Hello Brandon.

Here is the answers below.

 

1) Was the function working prior to adding the defender? We need to be certain that there are no issues here first.
>A : Yes, the function was working fine before we added the defender.


2) How did you configure protection? (three options: auto-defend, manual embedding, adding a layer)
>A : We used the auto-defend configure.


3) What programming/scripting language is the function?
>A : It is python.


4) Are you able to share the function with us for testing or some sanitized version without proprietary data / code, etc ?
>A : I have already shared this through Support case.

 

Hope you kindly check this.

Thank you.

 

Best regards,

Amy Yoon

Hello Tommy.

 

Thank you for the hint.! 

I will check this once more.

 

Best regards,

Amy Yoon

L3 Networker

Hi Amy, if you could share the case number then I can follow up with TAC.

Since you are using AutoDefend, can you please share the IAM policy attached to the role or IAM user being used for the AWS Cloud credentials? If that's already in the case, I can look there instead. That would also be something important to add to the case if they haven't asked.

 

Regards,

Brandon Goldstein, Sr. Customer Success Engineer, Prisma Cloud | PCCSE, GCP PCSE

Hello Brandon.

Our Case Number is 02344132. 

I didn't upload the IAM policy attached to the IAM user but already checked the it before and the required permission was attached well.

 

Best regards,

Amy Yoon

HI Amy,

I had a look at the case and I can see that it has been successfully escalated so the best thing to do at this time is to stay in touch with TAC when the case is updated.

 

Regards,

Brandon Goldstein, Sr. Customer Success Engineer, Prisma Cloud | PCCSE, GCP PCSE

Amy and Brandon,

From what I recall,  when Prisma Cloud instruments a lambda with a defender, Prisma changes the entry point for the lambda, in other words, it changes the "handler" function name in the lambda console properties.  So, look at the lambda properties panel in the AWS lambda console, find the function name, typically, handler() then look to see if the function name matches the name of the "handler" function in the source file.  Then fix one or the other to match. Now, the source file is NOT the original source-file.

The reason that prisma "renames" the "handler" function is because prisma introduces a new lambda file; the purpose of that lambda file is defend the original lambda function; think of it liek a wrapper around the original lambda function; that new lambda file is your new entry point, aka handler function name, that must agree with the lambda console's lambda properties/function_name.

 

good luck!

Tommy Hunt AWS-CSA, Java-CEA, PMP, SAFe Program Consultant
thunt@citrusoft.org
https://www.citrusoft.org
  • 6574 Views
  • 10 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!