How to setup AWS lambda function to talk to the internet and VPC
I'm going to walk you through the steps for setting up a AWS Lambda to talk to the internet and a VPC. Let's dive in.
So it might be really unintuitive at first but lambda functions have three states.
- No VPC, where it can talk openly to the web, but can't talk to any of your AWS services.
- VPC, the default setting where the lambda function can talk to your AWS services but can't talk to the web.
- VPC with NAT, The best of both worlds, AWS services and web.
I'm gonna walk you through the steps to set up number
Note: This tutorial isn't exactly in order of steps, you may need to create one thing (subnet, nat, route table) then go back into the settings for something previously created and edit it to use a newly thing.
VPC Dashboard > Subnets
This is what I had to start with, my existing
vpc that I wanted to connect to already had 4
subnets. Here I noticed I had a couple of subnets already set up. Below is a totally fake ip I pulled from the internet. But the patten of increments of 16 is recreated here.
Note: DO NOT use
18.104.22.168/16it's just an example.
Here I created three four new
network address translation gateway (NAT Gateway).
Three of them will point to the
nat and one points to the
Let's create the
Route Tables now.
Creating Route Tables
VPC Dashboard > Route Tables
Your going to want to set up two
One that points to your
nat let's call this
One that points to your
igw let's call this
Your gonna want to go into each of the subnet and assign them to their corresponding
|subnet name||route table name|
Set your lambda up
Lambda > Functions > my-function > Configuration > Advanced Settings
Now you want to set up your lambda function to use the subnets you created.
Setup your lambda to use your VPC.
Here you setup lambda to use the subnets that point directly to your
Create a NAT
VPC Dashboard > NAT Gateways > Create NAT Gateway
Your going to want click
Create NAT Gateway and set the
Create New EIP.
That should be it! Your lambda should be able to talk to both the VPS and the web through a NAT! Comment below if you need help or want to clarify anything here!
- Essentials: Introducing VPC Support for AWS Lambda
- AWS Lambda: How to setup a NAT gateway for a lambda function with VPC access
- New – Access Resources in a VPC from Your Lambda Functions
- Configuring a Lambda Function to Access Resources in an Amazon VPC
- February 2016 Webinar Series - Introducing VPC Support for AWS Lambda
Shameless SEO terms
- amazon lambda nat
- aws lambda vpc web
- aws lambda rds and web
- aws lambda rds and http request
- lambda timeout
- AWS lambda timeout random vpc
@caitlinosh @bgarciaentornos Did either of you manage to resolve the issue of connecting to your RDS? I'm having the same issue.
@caitlinosh @bgarciaentornos I've solved our problem. To allow lambdas to have internet access, RDS access and to allow the RDS to be publicly available (hopefully within a specific ip range - i.e your static IP), your RDS's subnet group must contain only public subnets; that is subnets which have a route table that points 0.0.0.0/0 to an IGW which is attached to your VPC. You must create a subnet group in Amazon RDS > Subnet Groups which contains the public subnets and then launch an RDS instance with this new subnet group (or configure your current system to these specifications).
In my case I have 6 subnets, 3 are private pointing to a nat gateway, the other three public pointing to an IGW as described above. It's important to note that as long as the Lambda function and the RDS instance are in the same VPC, then the Lambda function will have access to the RDS instance.