amazon-web-services - AWS Lambda Function with VPC only works when in Private Subnet
Problem Description
I have been working on integrating an Amazon Lambda function with connection to an RDS for the MySQL DB and an external API. To access the API, there needed to be an internet gateway and then security groups that allowed connection from 0.0.0.0/0.
I have a public subnet and private subnet. The public subnet routes to the internet gateway but the private subnet routes to a NAT.
This led me to think that if I ran the Lambda function with the Public subnet, it would connect to the internet. However, every time it timed out. But, when I ran the Lambda function from within the private subnet, it worked! So the NAT seems to work since that is what the private subnet was associated with, but just using the internet gateway does not work.
Does anyone have any explanation for this?
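Solution
For an Amazon Lambda function to connect to the Internet, one of the following must be true:
- The Lambda function is not connected to a VPC, or
- The Lambda function is connected to a private subnet and a NAT gateway/NAT instance is configured, or
- The Lambda function is connected to a public subnet and an Elastic IP address is assigned to the Elastic Network Interface (ENI) used by the Lambda function in that subnet
Merely connecting a Lambda function to a public subnet (without an EIP) does not provide Internet access.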
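The conditions in the answer can be checked against a function's subnets before deployment. The following is an added example, not part of the original question or answer: it classifies each subnet by its default route, using constructed sample data in the shape of EC2 `DescribeRouteTables` output. The subnet and route table IDs are placeholders, and treating any instance-targeted default route as a NAT instance is an assumption.

```python
# Constructed sample data in the shape of EC2 DescribeRouteTables output.
# All IDs below are placeholders, not real resources.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public", "Main": False}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-private", "Main": False}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
]

VERDICTS = {
    "nat": "internet access via NAT",
    "igw": "no internet access unless the function ENI has an Elastic IP",
    "none": "no internet access: no default route",
}

def route_table_for(subnet_id, route_tables):
    """An explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def default_route_kind(rt):
    """Classify the active 0.0.0.0/0 target as 'igw', 'nat' or 'none'."""
    for route in (rt or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":
            continue  # target was deleted; the route forwards nothing
        if route.get("NatGatewayId") or route.get("InstanceId"):
            return "nat"  # assumption: an instance target is a NAT instance
        if str(route.get("GatewayId", "")).startswith("igw-"):
            return "igw"
    return "none"

def lambda_egress(subnet_ids, route_tables):
    """Map each subnet from a Lambda VpcConfig to an egress verdict."""
    if not subnet_ids:
        return {"(no VPC)": "internet access: function is not attached to a VPC"}
    return {s: VERDICTS[default_route_kind(route_table_for(s, route_tables))]
            for s in subnet_ids}
```

Against a real account, the same functions can be fed the `RouteTables` list returned by `describe_route_tables` and the `SubnetIds` from the function's `VpcConfig`.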