How to connect AWS Lambda and RDS in VPC

How can I create this scenario:

- A private subnet-1
- Lambda in subnet-1
- RDS in subnet-1 (same subnet with Lambda)
- Both inside the same VPC.

Is the above feasible, and is it a good architecture?

I have tried implementing it; the only issue is that it's timing out. But when the Lambda is out of subnet-1, it's working fine.

My understanding is that since both RDS and Lambda are in the same subnet, they should easily communicate.

It is perfectly okay to have Amazon RDS and the AWS Lambda function connected to the same private subnet.

Some things to note:

  • If the Lambda function also requires access to the Internet (e.g. to make calls to Amazon S3), then the VPC will also require a NAT Gateway in a public subnet.
  • The Lambda function should refer to the RDS instance by DNS Name. This should resolve to a private IP address local to the VPC.
  • The Lambda function should be assigned a Security Group (e.g. Lambda-SG).
  • The security group associated with the RDS instance (RDS-SG) should permit inbound access on the appropriate port (e.g. 3306 for MySQL) from Lambda-SG.

That is, RDS-SG should permit inbound connections from Lambda-SG.
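An added example, not part of the original answer: an offline check of the rule described above, run over dictionaries shaped like EC2 DescribeSecurityGroups output. All group IDs, the VPC ID and the CIDR are constructed sample values, and the function names are hypothetical.

```python
# Constructed sample data shaped like EC2 DescribeSecurityGroups output.
LAMBDA_SG = {"GroupId": "sg-0aaa0000000000001", "GroupName": "Lambda-SG",
             "VpcId": "vpc-0example", "IpPermissions": []}
# Constructed failing case: MySQL port opened to a CIDR, not to Lambda-SG.
RDS_SG_BROKEN = {"GroupId": "sg-0bbb0000000000002", "GroupName": "RDS-SG",
                 "VpcId": "vpc-0example", "IpPermissions": [
                     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                      "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
                      "UserIdGroupPairs": []}]}
# Corrected case: same port, source is Lambda-SG itself.
RDS_SG_FIXED = {**RDS_SG_BROKEN, "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0aaa0000000000001"}]}]}


def rule_covers_port(perm, port, protocol="tcp"):
    """True if one IpPermissions entry covers `port` for `protocol`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != protocol:
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def allows_from_group(target_sg, source_sg_id, port):
    """True if target_sg has an inbound rule for `port` sourced from source_sg_id."""
    for perm in target_sg.get("IpPermissions", []):
        if not rule_covers_port(perm, port):
            continue
        pairs = perm.get("UserIdGroupPairs", [])
        if any(p.get("GroupId") == source_sg_id for p in pairs):
            return True
    return False


def diagnose(lambda_sg, rds_sg, port=3306):
    """List the reasons a Lambda -> RDS connection would be dropped (time out)."""
    findings = []
    if lambda_sg["VpcId"] != rds_sg["VpcId"]:
        findings.append("security groups are in different VPCs")
    if not allows_from_group(rds_sg, lambda_sg["GroupId"], port):
        findings.append(f"{rds_sg['GroupName']} has no inbound rule for "
                        f"tcp/{port} from {lambda_sg['GroupName']}")
    return findings


if __name__ == "__main__":
    print(diagnose(LAMBDA_SG, RDS_SG_BROKEN))
    print(diagnose(LAMBDA_SG, RDS_SG_FIXED))
```

Traffic that matches no security group rule is dropped silently rather than rejected, which is why a missing rule appears as a timeout and not as a connection error.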
