AWS Lambda 无法连接到端点 URL DynamoDB

Question

I'm developing a lambda function that I write in DynamoDB. On one hand I have created a layer that has a script with the functions of DynamoDB:

class DynamoHandler():
    def __init__(self):
        self.resource = boto3.resource('dynamodb', region_name = 'eu-west-1')
        self.__table = None

 

    def set_table(self, table_name: str):
        table = self.resource.Table(table_name)
        table.table_arn
        self.__table = table

 

    def insert(self, item, **kwargs):
        self.__check_table()

 

        return self.__table.put_item(
            Item=item,
            **kwargs
        )

 

In the lambda I write the following code:

from dynamo_class import DynamoHandler
    db = DynamoHandler()
    db.set_table(TABLE NAME)
    db.insert(msg) 

And I get the error:

[ERROR] EndpointConnectionError: Could not connect to the endpoint URL: "https://dynamodb.eu-west-1.amazonaws.com/"

Do you know how can I solve this problem? I have searched for similar errors but they occurred when the region was not specified, in my case in the DynamoDB class I assign the region "eu-west-1".

Answer 1

The timeout occurs most likely because lambda in a VPC has no inte.net nor public IP address . From docs :

Connecting a function to a public su.net doesn't give it inte.net access or a public IP address.

Subsequently, the lambda function can't connect to DynamoDB endpoint.

There are two ways to rectify the issue:

• place the lambda in a private su.net and setup NAT gateway to enable lambda access the inte.net.
• Use VPC Gateway for DynamoDB which would be better in this case, as for DynamoDB gateway there are no extra charges .

Answer 2

In addition to the great answer by Marcin above, have you checked that the Security Group associated with the function has the correct egress rules that allow the.network interface to connect to either the DynamoDB or its NAT gateway?