
Internet access for lambda in VPC

 4 years ago
source link: https://dev.to/afrazkhan/internet-access-for-lambda-in-vpc-3bjp

Jul 23


AWS resources living inside a VPC have some security layers attached to them, and AWS Lambda is one very common such scenario: your code is only accessible if allowed, and it can connect to the internet (to access DynamoDB, EC2 instances, etc.) if needed through VPC configuration.

How to attach VPC to your lambdas:

  1. Create 2 new private subnets specifically for your lambdas and label them so that they are distinguishable as private subnets.
  2. If the designated VPC has no Internet Gateway attached, create one and attach it to the VPC.
  3. Create a NAT Gateway and place it in a public subnet (create one if not available).
  4. In the Route Table tab, there must be 2 route tables: one for your private subnets/lambdas and the other for public subnets.
    Associate the public subnets with the route table for public subnets, using the configuration below:

     Destination -> 0.0.0.0/0
     Target -> {Internet Gateway}
    
  5. Associate the private subnets with the other route table, using the configuration below:

     Destination -> 0.0.0.0/0
     Target -> {NAT Gateway}
    
  6. Create a role with the policy AWSLambdaVPCAccessExecutionRole and attach it to all lambdas that need public access.

  7. Attach VPC and private subnets to your lambdas.
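
To check the result of steps 3 to 5, the routing can be audited offline. This is an added example, not code from the original article: it flags Lambda subnets whose default route points at an Internet Gateway or is missing, and NAT Gateways that do not sit in a subnet routed to an Internet Gateway. The dict shapes follow the AWS CLI's `describe-route-tables` and `describe-nat-gateways` output; every ID and both function names are constructed for illustration.

```python
# Added example. Dicts mirror `aws ec2 describe-route-tables` and
# `aws ec2 describe-nat-gateways` output; all IDs are constructed.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-lambda-a", "Main": False},
                      {"SubnetId": "subnet-lambda-b", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public"}]


def default_route_target(subnet_id, route_tables):
    """Return (kind, target_id) for the subnet's 0.0.0.0/0 route; kind is 'nat', 'igw' or None."""
    explicit = main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    table = explicit or main  # subnets without an explicit association use the main table
    for route in (table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return ("nat", route["NatGatewayId"])
        if (route.get("GatewayId") or "").startswith("igw-"):
            return ("igw", route["GatewayId"])
    return (None, None)


def audit(lambda_subnets, route_tables, nat_gateways):
    """Return findings; an empty list means the layout matches steps 3 to 5."""
    nat_subnet = {n["NatGatewayId"]: n["SubnetId"] for n in nat_gateways}
    findings = []
    for subnet in lambda_subnets:
        kind, target = default_route_target(subnet, route_tables)
        if kind == "igw":
            findings.append(f"{subnet}: default route targets {target}, so this is a public subnet")
        elif kind is None:
            findings.append(f"{subnet}: no 0.0.0.0/0 route to a NAT Gateway")
        else:
            nat_sub = nat_subnet.get(target)
            if nat_sub is None or default_route_target(nat_sub, route_tables)[0] != "igw":
                findings.append(f"{target}: NAT Gateway is not in a subnet routed to an Internet Gateway")
    return findings
```

Calling `audit(["subnet-lambda-a", "subnet-lambda-b"], ROUTE_TABLES, NAT_GATEWAYS)` on the constructed data returns an empty list; in practice the subnet IDs would come from the function's `VpcConfig.SubnetIds`.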

Cheers :)

