Home > OS >  How to hide my AWS lambda from the internet?
How to hide my AWS lambda from the internet?

Time:07-07

I'm new to AWS and struggling to understand how they've laid out their components.

I'm trying to make a simple "hello world" API via lambda and control access to it. I made the lambda (no VPC) and hooked it up to an API GW, and now I have a publicly-accessible lambda. I didn't understand why the lambda was callable without being in a VPC, but I finally stumbled upon this explanation in the docs: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html#vpc-internet

Cool.

So, now I'm trying to lock down access. I thought that meant adding both of these components to a VPC. So I created a VPC & subnets (no IGW, NOT publicly accessible), and put the lambda in there. Before going any further (like updating the API GW), I tested that change, and I found the lambda is still publicly accessible! Why?

The API GW doesn't have access to this VPC, and in any case, this VPC doesn't have internet access. I don't see how this lambda is publicly accessible. What's going on here?

CodePudding user response:

Check for Internet Gateway, Nat gateway. Check for the actual VPC the LAMDA is connected to, sometimes having multiple can be confusing and lastly also check the VPC End point

CodePudding user response:

API Gateway allows you to create private endpoints as well as public ones. It sounds like you want a private endpoint.

Page link:https//www.codepudding.com/os/466816.html

Prev:EKS ALB not attached to the Ingres with Service type ClusterIp and target-type = IP. Is NodePort Man
Next:Exception: synthesize_speech() takes from 1 to 2 positional arguments but 4 were given
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding