Reputation: 19
Inter VPC internet access between lambdas
I am working on a project where my main lambda function is in a VPC in private subnet and some sister lambda functions in a different VPC which are in their own private subnets. How can I go about calling these sister lambdas's from the main lambda across VPC without giving internet access to each of them via a NAT gateway linking to a public subnet which has an internet gateway attached to it. Other AWS services that my main lambda invokes are: 1. S3 2. Dynamodb 3. Autoscaling 4. ECS 5. RDS
Upvotes: 0
Views: 245
Answers (1)
Reputation: 8583
This can be done, but there are some complex steps involved.
First of all, when you use aws-sdk, the calls are made through the internet. To avoid this situation and access the services within the AWS network, The AWS has introduced some private VPC endpoints. I have only used S3 and API gateway private endpoints to date. But there is more type of VPC endpoints.
This is how I would do today,
- setup a private API gateway API to invoke lambda - The private API's are only accessible through a private VPC endpoint for API gateway.
- create a private VPC endpoint for API gateway.
- setup VPC peering between the VPCs
- (from the sister lambda on other VPC) invoke the API through the VPC endpoints public DNS URL
The drawback of adding an API in front of the lambda is, the API has a hard timeout of 29 seconds.
hope this helps.
Upvotes: 1
Related Questions
- AWS call Lambda inside VPC to another Lambda in another VPC
- AWS Lambda in VPC with RDS and Internet Connection
- Put lambda in VPC and subnet
- AWS How add internet access to lambda after add default vpc
- aws lambda cannot call webservice from another vpc
- Lambda in a VPC not able to access internet
- AWS Lambda in VPC doesn't have internet access behind NAT
- AWS Lambda: How to set up a NAT gateway for a lambda function with VPC access
- AWS Lambda Function in VPC With Internet Gateway Still Can't access Internet
- Accessing ECS instances from AWS Lambda running in VPC