[英]Cannot connect to EC2 Postgres DB from lambda Nodejs
I cannot connect to EC2 Postgres DB from my lambda function我无法从我的 lambda 函数连接到 EC2 Postgres DB
I have create a lambda function after S3 createAll event, In this lambda function, I need to update data in my DB.我在 S3 createAll 事件之后创建了一个 lambda 函数,在这个 lambda 函数中,我需要更新我的数据库中的数据。 What I have done is I tested the DB connection at local.
我所做的是在本地测试了数据库连接。 It works fine.
它工作正常。 However, after I published to lambda, every console.log inside client.connect function will not be triggered.
但是,在我发布到 lambda 之后,client.connect 函数中的每个 console.log 都不会被触发。 I thought it would be permisson of my lambda role, So i gave administratorfullacess to this role.
我认为这会是我 lambda 角色的许可,所以我给了这个角色管理员权限。 Also, in EC2 rule, I make incoming traffic open to all.
此外,在 EC2 规则中,我将传入流量向所有人开放。 and outgoing to all as well.
也传出给所有人。 1. EC2 is ubuntu, Postgres as DB 2. Nodejs for Lambda function
1. EC2 是 ubuntu,Postgres 是 DB 2. 用于 Lambda 函数的 Nodejs
const { Client } = require('pg');
exports.handler = async (event,context,callback) => {
context.callbackWaitsForEmptyEventLoop = true;
var client = new Client({
host:'example.com',
port:5432,
user:'postgres',
password:'examplepassword',
database:'db'
});
console.log('start connecting db : log client');
client.connect().then(() => {
console.log('DB is connected');
const text1 = 'SELECT * FROM unime.lecture_content';
const text = 'INSERT INTO uni.institute_type(name) VALUES($1)
RETURNING *';
const values = ['Test Data 2'];
callback('DB Connected')
}).catch(e => {console.error('connection error', e.stack)
callback('DB failure',e.stack)
})
};
My Package.json我的 Package.json
{
"name": "node_postgres",
"version": "1.0.0",
"description": "node postgres api",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"deploy": " — zip-file fileb://Lambda-Deployment.zip",
"predeploy": "zip -r Lambda-Deployment.zip * -x *.zip *.log"
},
"keywords": [
"postgres"
],
"author": "JUNXILI",
"license": "ISC",
"dependencies": {
"pg": "^7.0.3"
}
}
I want to show all the log within client.connect function.我想在 client.connect 函数中显示所有日志。 please help me thanks
请帮助我谢谢
Your issue might be your EC2 security group, since you find that you can connect from your local machine but not from Lambda functions.您的问题可能出在 EC2 安全组上,因为您发现可以从本地计算机进行连接,但不能从 Lambda 函数进行连接。 The security group uses an IP and port whitelist to determine whether to allow a connection.
安全组使用 IP 和端口白名单来确定是否允许连接。 When an EC2 instance is first set up, its default security group often only allows simple traffic like HTTP/HTTPS.
首次设置 EC2 实例时,其默认安全组通常只允许简单的流量,如 HTTP/HTTPS。 It doesn't open up a port (5432) for PostgreSQL.
它不会为 PostgreSQL 打开端口 (5432)。 Additionally, these connections must be allowed from any IP since the IP of a Lambda function backing instance varies per invocation.
此外,必须允许来自任何 IP 的这些连接,因为 Lambda 函数支持实例的 IP 因调用而异。
If this is the case, my solution would be:如果是这种情况,我的解决方案是:
You might also look into using VPCs to be more secure.您也可以考虑使用 VPC 来提高安全性。 See https://docs.aws.amazon.com/lambda/latest/dg/vpc.html
请参阅https://docs.aws.amazon.com/lambda/latest/dg/vpc.html
Note also if you go the VPC route:另请注意,如果您使用 VPC 路线:
AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function to connect securely to other resources within your private VPC.
AWS Lambda 使用此信息来设置弹性网络接口 (ENI),使您的函数能够安全地连接到私有 VPC 中的其他资源。
Using ENIs may cause your Lambda to have a higher cold start time until AWS sorts out the issues with ENI provisioning time.使用 ENI 可能会导致您的 Lambda 具有更长的冷启动时间,直到 AWS 解决 ENI 配置时间的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.