How to connect your Lambda function securely to your private RDS instances in your VPC using security groups, and still have internet access

Step one: Preparations

Step two: Placement

Step three: Configuring our routes

Destination            Target
10.0.0.0/16 local
0.0.0.0/0 igw-<your_igw_id>
Destination            Target
10.0.0.0/16 local
0.0.0.0/0 nat-<your_nat_id>

Step four: Configuring our security groups

sg-<lambda_sg>
Direction Protocol Port Source
Outbound ALL ALL ALL
sg-<rds_sg>
Direction Protocol Port Source
Inbound TCP 3306 sg-<lambda_sg>
Outbound ALL ALL ALL

Step five: Configuring our Lambda functions

Step six: testing our configurations

const mysql = require('mysql')const connection = mysql.createConnection({
host: process.env.RDS_HOST,
user: process.env.RDS_USER,
password: process.env.RDS_PASSWORD,
database: process.env.RDS_NAME
})
connection.connect(err => {
if (err) {
console.error('error connecting: ' + err.stack)
callback(null)
}
console.log('connected as id: ' + connection.threadId)
})
connection.end(err => {
if (err) console.error('error closing connection: ' + err.stack)
console.log('connection closed')
callback('done')
})
try {    const params = {
Bucket: 'bucketname',
Key: 'test.json'
}
const response = await S3.getObject(params).promise()
console.log(response)

} catch (err) {
console.error(err)
}

Common issues, with common fixes

1. My function is timing-out, but only in the VPC!

2. My function can’t connect to my RDS instance!

3. My function sometimes times-out but not all the time!

4. I can’t save my VPC settings in Lambda!

--

--

--

Daniel. Working on cloud things

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Selenium with Python: Web Automation

CS373 Fall 2021: Tori Denney

Analysis of Algorithms — A Brief Introduction with Insertion Sort

How to deploy WAR file in Tomcat9 using Maven

What Developers should know about Product Management

Never Procrastinate: My Bullet Proof Way

My 120-day journey to being a better Unity Developer — Day 12

The Rum Diaries

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Old man yelling at cloud

Old man yelling at cloud

Daniel. Working on cloud things

More from Medium

Oracle licenses on AWS (illustrated)

How to Securely Share Files within AWS without a login

AWS Codebuild Trigger From Lambda With Environment Variables

Let’s Encrypt Certificates with AWS