Lakshminarayanan S
Reputation: 179
Connect to Elasticsearch Service from Lambda in the same VPC
How can I access an Elasticsearch Service instance from a Lambda function without applying an IAM role?
Upvotes: 1
Views: 2696
Answers (3)
John Rotenstein
Reputation: 269171
You will want to configure two Security Groups:
- Configure the Lambda function to use the VPC.
- Create a Lambda Security Group (
Lambda-SG) and configure the Lambda function to use it. - Create an ElasticSearch Security Group (
ES-SG) and configure ElasticSearch to use it. - In
ES-SG, add a rule to permit inbound connections fromLambda-SGon port 9300 (or whatever port your ES is using).
That is, ES-SG should refer to Lambda-SG to permit inbound connections.
Upvotes: 3
jens walter
Reputation: 14029
If your Lambda runs within a VPC, you can configure the ElasticSearch access policy to an IP-based policy.
AWS does provide samples for various kinds of access policies.
Upvotes: -1
ben5556
Reputation: 3018
You need to provide an IAM role for a lambda function and provide the IAM role access to ES.
Upvotes: 0
Related Questions
- AWS Lambda function can't query elastic search running on ec2 instance
- How do I create an AWS VPC Endpoint for Elasticsearch?
- AWS Elasticsearch VPC connectivity
- How to public access of Elastic vpc endpoint
- Make Lambda access EC2 port through a VPC
- Accessing AWS Elasticsearch VPC endpoint through VPC peering
- Allowing Lambda in a VPC to access an Elasticsearch domain in the same VPC
- if lambda function inside a VPC can access the Elastic search in same VPC without the AWSLambdaVPCAccessExecutionRole
- AWS Lambda unable to access EC2 port within the same VPC
- Accessing ECS instances from AWS Lambda running in VPC