Can a lambda within a VPC be triggered by an SNS or SQS outside of the VPC?

Question

I need to set up a lambda within a vpc. It will be triggered by some sqs on the same AWS account. Will the lambda be able to be triggered from the SQS? Or do I need to provide some configuration?

Answer 1

if the resources within VPC provides API, like AWS redshift provides Data API, you can put lambda outside VPC and access redshift through 'redshift Data API'. But not all resources (like RDS for MySQL) provide API. We have no way but to put lambda inside the same VPC as MySQL. And connect it through MySQL hostname and username/password. If you need your Lambda to be more flexible and versatile, you can put a parent lambda outside VPC. Use parent lambda to call child lambda in the VPC. These two lambdas can access each other very easily although there is a VPC in the middle. The parent lambda can lead and work with all other resources in your project. While, the child lambda is mainly to receive and execute tasks from parent lambda. Note: RDS Aurora for MySQL provides more possibilities than RDS for MySQL, but more expensive of course.

Answer 2

First, it is worth mentioning that an AWS Lambda function does not need to be associated with a VPC. If no VPC is specified, the Lambda function can still access the Internet.

AWS Lambda can poll an Amazon SQS queue to retrieve messages. It can also subscribe to an Amazon SNS topic. Both of these types of "triggers" will invoke the Lambda function whether or not the Lambda function is associated with a VPC.

However, if the Lambda function is not connected to a VPC, then it will not be able to access resources in private subnets.

Answer 3

SQS/SNS can trigger lambda irrespective if Lambda is VPC or not. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-lambda-function-trigger.html