AWS Lambda returning [ODBC Driver 17 for SQL Server]Login timeout expired
I'm trying to develop an AWS Lambda to act as a middle point between my application and my RDS MSSQL database, also hosted on AWS. When I run the following code from PyCharm I get the correct data from my database.
import pyodbc
server = 'RDSDB endpoint + port'
database = 'vanim8'
username = 'RDSDB username'
password = 'RDSDB password'
conn = pyodbc.connect('DRIVER={ODBC Driver 17 for SQL Server};SERVER=' + server + ';DATABASE=' + database + ';UID=' + username + ';PWD=' + password)
cursor = conn.cursor()
cursor.execute("SELECT * FROM login")
row = cursor.fetchone()
while row:
    print(row[2])
    row = cursor.fetchone()
But when I invoke the lambda from the AWS CLI with the same code it returns [ODBC Driver 17 for SQL Server]Login timeout expired
I can't figure out what it would be. I was thinking it would have to be something to do with security, perhaps denying inbound traffic from the lambda but not from my IP, but I'm not sure; I'm new to cloud computing.
I figured out that the security group that my RDS DB was using was allowing traffic from my IP address but not the IP of the VPC, which was causing the error.
Bear in mind that lambda is, by default, a public service, meaning that any name resolution and routing will be via public pathways. If your database is in a private VPC you will need to have a VPC endpoint that ties the lambda function into the private VPC, and you will also need to consider the DNS resolution for that VPC. Once the VPC endpoint is in place, you can bind the lambda function to a particular VPC, and it will route internally.
If your database is publicly accessible, then you would just need to confirm that your inbound security groups and ACLs are allowing traffic from the lambda IP ranges.
In either case you'll want to consider name resolution and network reachability as the primary culprits, with network reachability (security groups, ACLs, and routing) being the most likely based on the error you're getting.
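The security-group mismatch described in the posts above can be checked offline against the database group's ingress rules. This is an added example, not code from the original posts: it assumes the Lambda is attached to the VPC, and every IP address, group ID and rule below is constructed sample data in the `IpPermissions` shape that EC2 `DescribeSecurityGroups` returns.

```python
import ipaddress

MSSQL_PORT = 1433  # assumption: the RDS instance listens on the SQL Server default port

# Constructed sample data, shaped like IpPermissions from EC2 DescribeSecurityGroups.
DEV_IP = "203.0.113.25"             # constructed: developer workstation (PyCharm)
LAMBDA_ENI_IP = "10.0.12.34"        # constructed: private IP of the VPC-attached Lambda
LAMBDA_SG = "sg-0aaaaaaaaaaaaaaaa"  # constructed: security group attached to the Lambda
DB_SG_BEFORE = [{"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
                 "IpRanges": [{"CidrIp": DEV_IP + "/32"}], "UserIdGroupPairs": []}]
DB_SG_AFTER = DB_SG_BEFORE + [{"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
                               "IpRanges": [], "UserIdGroupPairs": [{"GroupId": LAMBDA_SG}]}]

def rule_covers_port(perm, port):
    """True if one IpPermissions entry applies to TCP traffic on `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def ingress_allows(permissions, source_ip, source_group_ids, port=MSSQL_PORT):
    """Return the rules that admit the source; an empty list means traffic is dropped."""
    ip = ipaddress.ip_address(source_ip)
    reasons = []
    for perm in permissions:
        if not rule_covers_port(perm, port):
            continue
        for r in perm.get("IpRanges", []):
            if ip in ipaddress.ip_network(r["CidrIp"]):
                reasons.append("cidr " + r["CidrIp"])
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") in source_group_ids:
                reasons.append("group " + pair["GroupId"])
    return reasons

def world_open(permissions, port=MSSQL_PORT):
    """CIDRs that expose the database port to every IPv4 address."""
    return [r["CidrIp"] for p in permissions if rule_covers_port(p, port)
            for r in p.get("IpRanges", [])
            if ipaddress.ip_network(r["CidrIp"]).prefixlen == 0]

if __name__ == "__main__":
    for label, rules in (("before", DB_SG_BEFORE), ("after", DB_SG_AFTER)):
        print(label, ingress_allows(rules, LAMBDA_ENI_IP, {LAMBDA_SG}) or "blocked: login times out")
```

Referencing the Lambda's security group in the database rule, rather than a broad CIDR, keeps port 1433 closed to everything except the function; `world_open` flags rules that do the opposite.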