Reputation: 2599
I have a Lambda function that resides in a VPC (in order to talk to RDS). I also need it to perform s3.putObject. It just hangs when I call that function. I realized it's because it's in a VPC.
So I created an Endpoint under my VPC. It has this access policy:
{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "Access-to-foo-bucket-only",
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:GetObject",
        "s3:PutObject"
      ],
      "Resource": [
        "arn:aws:s3:::static.foo.com",
        "arn:aws:s3:::static.foo.com/*"
      ]
    }
  ]
}
This Endpoint is associated with a route table containing my two subnets. I see my Endpoint in my subnets' Route Table panel. I also see the S3 prefix value in the Route Table's Routes panel. The Security Groups have Outbound Rules pointing to the Endpoint S3 prefix.
Yet, it still doesn't work. My function still hangs at s3.putObject(). When I go to the Network panel of Lambda, I do not see the endpoint in the Outbound Rule list. Shouldn't it be there?
What else could possibly need to be done? I found some pages of AWS documentation that mention S3 endpoints but no step-by-step guide for getting Lambda to use it.
Thanks for any help you can provide.
Upvotes: 2
Views: 932
Reputation: 2599
I figured it out with help from @James Dean's comments.
My VPC and S3 bucket were in different regions, which won't work. I created a new bucket in the same region as the VPC, but it still didn't work until I deleted the old Endpoint and created a new one. It works now!
Upvotes: 1
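
An offline check for the three conditions that came up in this thread (bucket and endpoint in the same region, the Lambda subnets routed through the endpoint, the endpoint policy allowing the call), added here as an example and not code from the original posts. It assumes inputs shaped like the boto3 `describe_vpc_endpoints`, `get_bucket_location` and `describe_route_tables` responses; the function names, IDs and regions are illustrative.

```python
import json
from fnmatch import fnmatchcase

def bucket_region(location_constraint):
    # GetBucketLocation returns None for us-east-1 and the legacy value "EU" for eu-west-1.
    return {None: "us-east-1", "EU": "eu-west-1"}.get(location_constraint, location_constraint)

def _listify(value):
    return value if isinstance(value, list) else [value]

def policy_allows(policy_json, action, resource_arn):
    # Simplified evaluation: Allow statements only; Deny, Condition and Principal are ignored.
    for stmt in _listify(json.loads(policy_json).get("Statement", [])):
        actions = [a.lower() for a in _listify(stmt.get("Action", []))]
        resources = _listify(stmt.get("Resource", []))
        if (stmt.get("Effect") == "Allow"
                and any(fnmatchcase(action.lower(), a) for a in actions)
                and any(fnmatchcase(resource_arn, r) for r in resources)):
            return True
    return False

def diagnose(endpoint, location_constraint, bucket, lambda_subnets, route_tables):
    findings = []
    ep_region = endpoint["ServiceName"].split(".")[2]  # com.amazonaws.<region>.s3
    b_region = bucket_region(location_constraint)
    if ep_region != b_region:
        findings.append(f"region mismatch: endpoint {ep_region}, bucket {b_region}")
    # Explicit subnet associations only; subnets on the VPC main route table are not resolved.
    subnet_rt = {a["SubnetId"]: rt["RouteTableId"]
                 for rt in route_tables for a in rt.get("Associations", []) if "SubnetId" in a}
    for subnet in lambda_subnets:
        if subnet_rt.get(subnet) not in endpoint["RouteTableIds"]:
            findings.append(f"subnet {subnet} is not routed through the endpoint")
    if not policy_allows(endpoint["PolicyDocument"], "s3:PutObject", f"arn:aws:s3:::{bucket}/k"):
        findings.append("endpoint policy does not allow s3:PutObject on the bucket")
    return findings

# Constructed sample data; IDs and regions are placeholders, the policy is the one from the question.
SAMPLE_ENDPOINT = {
    "ServiceName": "com.amazonaws.us-west-2.s3",
    "RouteTableIds": ["rtb-example1"],
    "PolicyDocument": json.dumps({"Version": "2008-10-17", "Statement": [{
        "Effect": "Allow", "Principal": "*", "Action": ["s3:GetObject", "s3:PutObject"],
        "Resource": ["arn:aws:s3:::static.foo.com", "arn:aws:s3:::static.foo.com/*"]}]}),
}
SAMPLE_ROUTE_TABLES = [{"RouteTableId": "rtb-example1",
                        "Associations": [{"SubnetId": "subnet-example1"}]}]

if __name__ == "__main__":
    print(diagnose(SAMPLE_ENDPOINT, None, "static.foo.com", ["subnet-example1"], SAMPLE_ROUTE_TABLES))
```

With the sample data, a bucket whose location constraint is `None` (us-east-1) is reported as a region mismatch against the us-west-2 endpoint, while the route table and policy checks pass.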