stackoom
  简体   繁体   中英

AWS Lambda cannot reach internal servers from within VPC

 原文  2019-06-26 02:32:03       amazon-web-services/ aws-lambda/ vpn/ vpc

Question

I have a lambda which is attempting to make a REST call to an on-prem server outside of AWS. We have the lambda running from a VPC which has a VPN connection to our local resources. The same rest call runs successfully from EC2 with the VPC but the lambda request hangs. The security groups are open. Any ideas how to debug this?

Here is the bulk of the lambda 

def lambda_handler(event, context):
    config = configparser.ConfigParser()
    config.read('config')

    pattern = re.compile(".*"+config['DEFAULT']['my-pattern'])
    logger.info(event['Records'])
    sns_json = event['Records'][0]['Sns']
    sns_message = json.loads(sns_json['Message'])
    logger.info(sns_message['Records'][0]['s3'])
    s3_object = sns_message['Records'][0]['s3']
    new_file_name = s3_object['object']['key']
    bucket = s3_object['bucket']['name']
    if pattern.match(new_file_name):
        new_json = {"text": "New file (" + new_file_name + ") added to the bucket. " + bucket,
                   "title": config['DEFAULT']['default_message_title']}
        webhook_post = requests.get("http://some-ip:4500/")
        logger.info("Webhook Post Status: " + str(webhook_post.status_code) + str(webhook_post))
        logger.info("Skip teams webhook");
        outgoing_message_dict = {
            's3Bucket': bucket,
            'somefile': new_file_name
        }
        return outgoing_message_dict

I don't receive any errors from the request, it just hangs until my lambda times-out.

1 answers

solution1
 0 ACCPTED  2019-06-26 15:31:03

I believe I found the source of the problem. Ultimately I believe the issue is with our on-prem firewall. The VPN tunnel wasn't active at all times. Others have mentioned that it needs to be activated from the on-prem network. I created an ec2 instance and connected to it, activating the VPN. What I ran the lambda shortly after, I could successfully reach the local REST endpoint I was trying connect to.

I have not implemented the final solution yet, but from the firewall we should be able to set the connection to have a keep-alive ping so our connection does not time-out. I hope this helps others. Thank you for the feedback!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Cannot reach some websites within AWS-lambda function AWS Lambda access Secrets Manager from within VPC Connecting to AWS Elasticsearch within VPC from Lambda over HTTPS How do I invoke AWS Rekognition from a Lambda within a VPC Access AWS S3 from Lambda within VPC aws lambda cannot call webservice from another vpc AWS Lambda cannot connect to AWS services in VPC Lambda in VPC cannot connect to AWS services Instances in AWS VPC cannot reach internet via VPN How to reach S3 from a nodejs lambda which is inside a VPC?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM