
AWS Lambda and RDS outside a VPC

From my understanding, I can run AWS Lambda outside a VPC, as well as the RDS, and have that set to publicly accessible. That would be the perfect solution for me because my Lambda functions need internet access, and a NAT Gateway, which would allow that when inside a VPC, is way too expensive. In which cases is it safe to go for that option? When is it a bad idea to have an RDS outside a VPC? What are the risks?

It is a VERY bad idea to expose your SQL server to the public internet. This is a very large security risk and you could eventually lose your data.

If a NAT gateway is too expensive, you could break the project into 2 Lambda functions. Have one Lambda function attached to the VPC access the DB. This Lambda can then invoke a second Lambda function outside of the VPC, execute code, and return the results.

NAT gateway is still the best solution.

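Notice: Technical posts on this site are licensed under CC BY-SA 4.0. If you republish them, please credit this site's URL or the original address. For any questions, contact: yoyou2525@163.com.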

 