AWS Lambda could not connect to endpoint URL DynamoDB

Question

I'm developing a lambda function that I write in DynamoDB. On one hand I have created a layer that has a script with the functions of DynamoDB:

class DynamoHandler():
    def __init__(self):
        self.resource = boto3.resource('dynamodb', region_name = 'eu-west-1')
        self.__table = None

 

    def set_table(self, table_name: str):
        table = self.resource.Table(table_name)
        table.table_arn
        self.__table = table

 

    def insert(self, item, **kwargs):
        self.__check_table()

 

        return self.__table.put_item(
            Item=item,
            **kwargs
        )

 

In the lambda I write the following code:

from dynamo_class import DynamoHandler
    db = DynamoHandler()
    db.set_table(TABLE NAME)
    db.insert(msg) 

And I get the error:

[ERROR] EndpointConnectionError: Could not connect to the endpoint URL: "https://dynamodb.eu-west-1.amazonaws.com/"

Do you know how can I solve this problem? I have searched for similar errors but they occurred when the region was not specified, in my case in the DynamoDB class I assign the region "eu-west-1".

Answer 1

In addition to the great answer by Marcin above, have you checked that the Security Group associated with the function has the correct egress rules that allow the network interface to connect to either the DynamoDB or its NAT gateway?

Answer 2

The timeout occurs most likely because lambda in a VPC has no internet nor public IP address. From docs:

Connecting a function to a public subnet doesn't give it internet access or a public IP address.

Subsequently, the lambda function can't connect to DynamoDB endpoint.

There are two ways to rectify the issue:

• place the lambda in a private subnet and setup NAT gateway to enable lambda access the internet.
• Use VPC Gateway for DynamoDB which would be better in this case, as for DynamoDB gateway there are no extra charges.