I am using AWS Lambda and an external DB service.
The external DB service does not allow external access for all IPs due to security issues. However, when using Lambda without a VPC, the IP kept changing and access was blocked. (not a timeout error)
https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/generate-a-static-outbound-ip-address-using-a-lambda-function-amazon-vpc-and-a-serverless-architecture.html
So, to create a static IP, I set up a VPC by referring to the link above.
(Background on this error at: https://sqlalche.me/e/14/e3q8)
Then the above timeout error occurred.
I confirmed that the connection is possible when the local IP is allowed in the DB service and connected with the same code.
It seems to me that the VPC setup is the problem. Therefore, I tried putting the DB IP in VPC inbound rules and outbound rules, etc., but it didn't work.
How do I change the VPC settings to connect to the DB?
CodePudding user response:
Things to check:
- The AWS Lambda function is only attached to private subnets
- The public subnet has a Route Table entry that points to the Internet Gateway
- The private subnet has a Route Table entry that points to the NAT Gateway
- The Security Group associated with the Lambda function has Outbound rules that permit all outbound traffic
- The external party is permitting access via the Elastic IP address that is associated with the NAT Gateway
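
The checklist above can be evaluated offline against saved EC2 and Lambda describe output. This is an added example, not part of the original answer: the function names, IDs and IP address are constructed, the dicts only mirror the fields of the boto3 responses that the checks need, and subnets that rely on the VPC's main route table (no explicit association) are not handled.

```python
# Added example: offline audit of the checklist. Inputs mirror boto3 response fields;
# every ID and IP below is a constructed sample value.
def default_route(subnet_id, route_tables):
    """Return the 0.0.0.0/0 route of the table explicitly associated with subnet_id."""
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt.get("Associations", [])):
            for r in rt.get("Routes", []):
                if r.get("DestinationCidrBlock") == "0.0.0.0/0":
                    return r
    return {}

def audit(vpc_config, route_tables, security_groups, nat_gateways):
    """Return (findings, egress IPs the external party must allow)."""
    findings, egress_ips = [], set()
    nats = {n["NatGatewayId"]: n for n in nat_gateways}
    for subnet in vpc_config["SubnetIds"]:
        route = default_route(subnet, route_tables)
        nat = nats.get(route.get("NatGatewayId"))
        if route.get("GatewayId", "").startswith("igw-"):
            findings.append(f"{subnet}: Lambda is attached to a public subnet")
        elif nat is None:
            findings.append(f"{subnet}: no default route to a NAT Gateway")
        else:
            nat_route = default_route(nat["SubnetId"], route_tables)
            if not nat_route.get("GatewayId", "").startswith("igw-"):
                findings.append(f"{nat['SubnetId']}: NAT subnet has no Internet Gateway route")
            egress_ips.update(a["PublicIp"] for a in nat["NatGatewayAddresses"])
    sgs = [g for g in security_groups if g["GroupId"] in vpc_config["SecurityGroupIds"]]
    open_egress = any(p["IpProtocol"] == "-1" and
                      any(r["CidrIp"] == "0.0.0.0/0" for r in p.get("IpRanges", []))
                      for g in sgs for p in g["IpPermissionsEgress"])
    if not open_egress:
        findings.append("security group: no rule permitting all outbound traffic")
    return findings, sorted(egress_ips)

ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
NATS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public",
         "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]}]
SGS = [{"GroupId": "sg-lambda", "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]
GOOD = {"SubnetIds": ["subnet-private"], "SecurityGroupIds": ["sg-lambda"]}
BAD = {"SubnetIds": ["subnet-public"], "SecurityGroupIds": ["sg-lambda"]}

if __name__ == "__main__":
    print(audit(GOOD, ROUTE_TABLES, SGS, NATS), audit(BAD, ROUTE_TABLES, SGS, NATS))
```

The returned IP list is what to compare against the external party's allowlist, which covers the last item of the checklist.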