
AWS Lambda function that has VPC configuration and uses aws-sdk gives timeout exception

I have an AWS Lambda function that uses a VPC configuration (with public subnets) to connect to a database; the function also needs to access QuickSight using the AWS SDK. The connection to the database works, but when using the AWS SDK to access QuickSight it gives a timeout exception. From what I understood, the AWS SDK requires an internet connection (because it is an API). Shouldn't the public subnets give access to the internet and solve the problem, or am I missing something?

QuickSight also has a VPC configuration where I set a security group with an inbound rule to allow access from the security group used by the Lambda function (not sure if this helps/is relevant).

Since AWS Lambda functions running inside a VPC are never assigned a public IP address, regardless of your VPC's settings, placing them in a public subnet actually prevents the Lambda function from accessing anything outside of the VPC. The only way to give a Lambda function access to both the VPC and the Internet is to run it in a private subnet with a route to a NAT Gateway.

For some AWS services you can use AWS PrivateLink instead, but QuickSight isn't on the list of PrivateLink services (yet) so that isn't an option here.

Also, regarding your QuickSight VPC settings, as far as I understand that is only for allowing outbound QuickSight connections to resources in your VPC. When something interacts with QuickSight it is actually interacting with the AWS API, not something in the VPC, so the inbound rules in your QuickSight security group are meaningless.
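The routing rule from the answer above can be checked against a function's subnets. This is an added example, not part of the original question or answer: it classifies the outbound path from route tables in the shape returned by EC2 `DescribeRouteTables`. The function names, result labels and all IDs are constructed for illustration.

```javascript
// Pick the route table that governs a subnet: an explicit association wins,
// otherwise the VPC's main route table applies.
function routeTableFor(subnetId, vpcId, routeTables) {
  const inVpc = routeTables.filter((rt) => rt.VpcId === vpcId);
  const has = (rt, pred) => (rt.Associations || []).some(pred);
  return (
    inVpc.find((rt) => has(rt, (a) => a.SubnetId === subnetId)) ||
    inVpc.find((rt) => has(rt, (a) => a.Main)) ||
    null
  );
}

// Classify what a VPC-attached Lambda (which never has a public IP) can reach.
function lambdaEgress(subnetId, vpcId, routeTables) {
  const table = routeTableFor(subnetId, vpcId, routeTables);
  if (!table) return "no-route-table";
  const def = (table.Routes || []).find(
    (r) => r.DestinationCidrBlock === "0.0.0.0/0" && r.State !== "blackhole"
  );
  if (!def) return "vpc-only";
  if (def.NatGatewayId) return "internet-via-nat";
  // An internet gateway only serves interfaces with a public IP, so a Lambda
  // here gets timeouts when calling public AWS API endpoints.
  if ((def.GatewayId || "").startsWith("igw-")) return "igw-without-public-ip";
  return "other";
}

// Constructed sample data (hypothetical IDs).
const VPC = "vpc-0example";
const sampleRouteTables = [
  { RouteTableId: "rtb-main", VpcId: VPC,
    Associations: [{ Main: true }],
    Routes: [
      { DestinationCidrBlock: "10.0.0.0/16", GatewayId: "local", State: "active" },
      { DestinationCidrBlock: "0.0.0.0/0", GatewayId: "igw-0example", State: "active" },
    ] },
  { RouteTableId: "rtb-private", VpcId: VPC,
    Associations: [{ Main: false, SubnetId: "subnet-private" }],
    Routes: [
      { DestinationCidrBlock: "10.0.0.0/16", GatewayId: "local", State: "active" },
      { DestinationCidrBlock: "0.0.0.0/0", NatGatewayId: "nat-0example", State: "active" },
    ] },
  { RouteTableId: "rtb-isolated", VpcId: VPC,
    Associations: [{ Main: false, SubnetId: "subnet-isolated" }],
    Routes: [{ DestinationCidrBlock: "10.0.0.0/16", GatewayId: "local", State: "active" }] },
];
```

A result of `igw-without-public-ip` corresponds to the setup in the question; `internet-via-nat` is the private-subnet setup the answer recommends.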
