How can a lambda response to a lambda from private VPC?

Question

I have two lambdas, one (lambda1) is in VPC1 and the other (lambda2) is in VPC2. VPC1 has NAT gateway configured which means the lambda has access to internet. VPC2 doesn't have NAT gateway so the lambda in VPC2 doesn't have any internet access.

I am invoking lambda2 from lambda1 synchronously and it should work because lambda1 has NAT gateway and lambda2 has default endpoint which is open to public. Now my question is how can lambda1 receive response from lambda2? Does the response from lambda2 go through internet? If yes, lambda2 doesn't have internet access which means the response is not able to go to lambda1.

Am I understanding correct?

Answer 1

Now my question is how can lambda1 receive response from lambda2?

You invoke the lambda 2 from internet, and the response will also go back to you through the internet.

If yes, lambda2 doesn't have internet access which means the response is not able to go to lambda1.

Lambda2 can't initiate the connection to the internet from a VPC without NAT. But when invoked, it can return a response to the process which invoked it in the first place. It is similar to when you have a load balancer for instances in a private subnets. The instances can return a response to the caller from the internet even though they are in private subnet without access to the internet.