Anshul Sharma

Reputation: 233

Access lambda privately

Can Lambda be accessed privately from a VPC? Let's say I want to invoke a Lambda function from Python code running on an EC2 server in a private subnet; can I invoke it without going over the internet?

Upvotes: 1

Views: 958

Answers (2)

Marcin

Reputation: 238051

Update 20 Oct 2020

As of today, Lambda has VPC interface endpoints:

AWS Lambda now supports AWS PrivateLink which lets you invoke Lambda functions securely from inside your virtual private cloud (VPC) or on-premises data centers without exposing traffic to the public Internet.

Previous answer which was valid at the time of making it

To my knowledge, there is no direct way of doing this.

Lambda VPC integration is only for Lambda to access VPC resources, not for VPC resources (e.g. an EC2 instance in a private subnet) to invoke a Lambda function. The reason is that Lambda invocation can come only from the AWS Lambda API.

Also, since Lambda does not have a VPC endpoint, you can't call it from a private subnet without a NAT gateway.

Upvotes: 1
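An added example, not part of Marcin's answer: a pre-flight check that the regional Lambda API hostname resolves only to addresses inside the VPC before invoking with boto3, so a missing interface endpoint fails closed instead of routing through a NAT gateway. It assumes the interface endpoint has private DNS enabled; the function names, the CIDR and the sample addresses are constructed for illustration.

```python
import ipaddress
import socket


def endpoint_is_private(host, vpc_cidr, resolver=socket.getaddrinfo):
    """True only if every address `host` resolves to lies inside vpc_cidr."""
    net = ipaddress.ip_network(vpc_cidr)
    try:
        infos = resolver(host, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return False  # no DNS answer: fail closed
    addrs = {ipaddress.ip_address(info[4][0]) for info in infos}
    # One address outside the VPC (or of another IP version) fails the check.
    return bool(addrs) and all(addr in net for addr in addrs)


def invoke_privately(function_name, payload, region, vpc_cidr):
    """Invoke the function only when the Lambda API host resolves inside the VPC."""
    import boto3  # imported lazily so the DNS check is usable without boto3

    # Assumption: private DNS is enabled on the Lambda interface endpoint, so
    # the regional hostname resolves to the endpoint's network interfaces.
    host = f"lambda.{region}.amazonaws.com"
    if not endpoint_is_private(host, vpc_cidr):
        raise RuntimeError(f"{host} does not resolve inside {vpc_cidr}")
    client = boto3.client("lambda", region_name=region)
    resp = client.invoke(FunctionName=function_name, Payload=payload)
    return resp["StatusCode"], resp["Payload"].read()


def fake_resolver(*ips):
    """Constructed stand-in for socket.getaddrinfo, used for offline checks."""
    def resolve(host, port, proto=0):
        return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (ip, port))
                for ip in ips]
    return resolve


if __name__ == "__main__":
    host = "lambda.eu-west-1.amazonaws.com"
    # Constructed answers: an endpoint ENI address, then a public address.
    print(endpoint_is_private(host, "10.0.0.0/16", fake_resolver("10.0.3.27")))
    print(endpoint_is_private(host, "10.0.0.0/16", fake_resolver("203.0.113.10")))
```

If private DNS is not enabled on the endpoint, pass the endpoint-specific DNS name to `boto3.client` through `endpoint_url` and run the same check against that name.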

Chris Williams

Reputation: 35146

Yes, you can; take a read of Lambda with VPC Networking.

By doing this an ENI would be created in your VPC, within the subnets that you specify. This ENI will be bound to any Lambda invocations, ensuring that network transit will only reside from these VPCs.

Once it's in the VPC, you could put it behind an internal ALB, allowing your Python script to perform an interaction against the ALB, which will invoke the Lambda privately.

Upvotes: 1
