Reputation: 2165
Why can I call an on-VPC aws lambda from an off-VPC aws lambda but not vice versa?
So if I have two lambdas, one inside a private VPC, and one not on a VPC, calling the private lambda from inside the public lambda works but I cant call the public from the private lambda.
There's no NAT setup.
Why is this? It seems that I should not be able to call the private from the public theoretically.
Upvotes: 22
Views: 14914
Answers (3)
Reputation: 2401
Inside VPC you need an AWS VPC interface endpoint (https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html#create-interface-endpoint). It allows access to AWS Lambda service without going through the Internet.
Upvotes: 9
Reputation: 129
To solve this issue you may configure the lambda inside the VPC to have internet access. This article explains how to set up this configuration.
Upvotes: 0
Reputation: 20390
In order to trigger a Lambda function, all that's required is for the caller to have outbound access to the Invoke AWS API. It is not necessary for the invoked Lambda function to have any open inbound ports, or any public Internet access.
So a public (non-VPC, has Internet access) Lambda function can call the Invoke API to trigger the private Lambda function, but the private VPC (no Internet access) Lambda function cannot access the Invoke API to trigger any Lambda function.
Upvotes: 56
Related Questions
- Invoking a Lambda function from another Lambda Function Inside of a VPC
- AWS call Lambda inside VPC to another Lambda in another VPC
- AWS Lambda function can't invoke another Lambda function in the same VPC
- Is there a way that invoke a AWS Lambda function between different VPC?
- Confusion of AWS Lambda inside VPC vs outside VPC
- aws lambda cannot call webservice from another vpc
- Invoke aws lambda from aws lambda in same vpc
- VPC-enabled Lambda function cannot launch/access EC2 in the same VPC
- AWS Lambda unable to invoke another AWS Lambda with No VPC - NodeJs
- Issue with VPC attached to Lambda function