Reputation: 4409
Access RDS from VPC Lambda
Is it possible to access a publicly available RDS instance from a Lambda expression in the same VPC, without using a NAT? Could you please point me in the right direction to confugure this? Thanks.
RDS and Lambda have the same VPC, the same Subnets, the same Security group. The security group has 2 inbound rules:
- All Type - All Protocol - All Port Range - Source ALB security group
- All Type - All Protocol - All Port Range - Source security group itself
Is that correct?
Upvotes: 4
Views: 1159
Answers (2)
Reputation: 269101
The recommended configuration is:
- Create a Security Group for the AWS Lambda function (
Lambda-SG). It does not require any inbound rules. - Create a Security Group for the Amazon RDS db instance (
DB-SG). It should allow an Inbound connection on the appropriate port (3306?) fromLambda-SG.
That is, DB-SG should specifically reference Lambda-SG as the source of the inbound connection.
Upvotes: 4
Reputation: 4409
Turns out that the Lambda was timing out RDS connection, due to callback deadlock like explained here: https://stackoverflow.com/a/42619071/2373113 Other thing to notice is that traffic inside the same security group must be explicitly enabled in rules.
Upvotes: 0
Related Questions
- Lambda in VPC access RDS
- AWS Lambda in VPC with RDS and Internet Connection
- Accessing RDS from Lambda
- Access Amazon RDS database in VPC from Lambda locally
- Unable to connect to Public RDS in VPC via Lambda
- How to properly connect AWS Lambda to RDS in VPC?
- AWS Lambda access to RDS outside VPC
- 'no vpc' AWS Lambda accessing RDS in VPC
- AWS Lambda and RDS outside a VPC
- Lambda can not access RDS though those are in the same VPC