
Unable to connect Lambda in private subnet to S3 through VPCE Endpoint

I've been trying to connect to an S3 bucket from a Lambda residing in a private subnet. I did the exact same thing for an EC2 instance and it worked like a charm; I'm not sure why it's such an issue with Lambda. My Lambda times out after a certain defined interval.

Here's my Lambda's VPC configuration: [screenshot]

Here's the security group outbound configuration: [screenshot]

Below are the outbound rules of the subnet associated with the Lambda: [screenshot]

As you can see, I created a VPC endpoint to route my traffic through the VPC, but it doesn't work. I'm not sure what I am missing here. Below is the VPC endpoint configuration.

[screenshot]

I've given full access to S3 in the endpoint policy like this:

{
    "Statement": [
        {
            "Action": "*",
            "Effect": "Allow",
            "Resource": "*",
            "Principal": "*"
        }
    ]
}

When I run my Lambda code, I get a timeout error, as below:

[screenshot]

To reproduce your situation, I performed the following steps:

  • Created an AWS Lambda function that calls ListBuckets(). Tested it without attaching it to a VPC. It worked fine.
  • Created a VPC with just a private subnet
  • Added an Amazon S3 Endpoint Gateway to the VPC and subnet
  • Reconfigured the Lambda function to use the VPC and subnet
  • Tested the Lambda function -- it worked fine

I suspect your problem might lie with the Security Group attached to the Lambda function. I left my Outbound rules as "All Traffic 0.0.0.0/0" rather than restricting it. Give that a try and see if it makes things better.

You can access Amazon S3 objects using a VPC endpoint only when the S3 objects are in the same Region as the Amazon S3 gateway VPC endpoint. Confirm that your objects and endpoint are in the same Region.
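The two answers above point at three separate things to verify: the endpoint is an S3 gateway endpoint in the function's Region, the Lambda subnet's route table actually routes through it, and the security group's outbound rules let HTTPS leave. The following is an added, offline checker for those three conditions (not code from the question or the answers); it takes dicts shaped like boto3 EC2 describe_* responses, and every identifier in the sample is constructed.

```python
# Added diagnostic for the setup in this thread (not code from the question or the
# answers). Inputs mimic boto3 EC2 describe_* dicts; the sample values are constructed.
def sg_allows_https_egress(sg):
    # A gateway endpoint still needs SG egress for TCP/443 to 0.0.0.0/0 or a prefix list.
    for perm in sg.get("IpPermissionsEgress", []):
        proto = perm.get("IpProtocol")
        if proto not in ("-1", "tcp"):
            continue
        if proto == "tcp" and not perm.get("FromPort", 0) <= 443 <= perm.get("ToPort", 65535):
            continue
        if perm.get("PrefixListIds") or any(
                r.get("CidrIp") == "0.0.0.0/0" for r in perm.get("IpRanges", [])):
            return True
    return False

def subnet_route_table(route_tables, subnet_id):
    # Explicit subnet association wins; otherwise the VPC's main table applies.
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def diagnose(region, subnet_id, security_groups, route_tables, endpoint):
    # Returns a list of findings; an empty list means all three checks passed.
    findings = []
    if (endpoint.get("VpcEndpointType") != "Gateway"
            or endpoint.get("ServiceName") != f"com.amazonaws.{region}.s3"):
        findings.append("endpoint is not an S3 gateway endpoint in the Lambda's Region")
    rt = subnet_route_table(route_tables, subnet_id)
    if not any(r.get("GatewayId") == endpoint.get("VpcEndpointId")
               for r in (rt or {}).get("Routes", [])):
        findings.append("subnet route table has no route through the S3 endpoint")
    if not any(sg_allows_https_egress(sg) for sg in security_groups):
        findings.append("no security group allows HTTPS egress to S3")
    return findings

# Constructed sample: endpoint and route are fine, but SG egress is limited to an internal CIDR.
SAMPLE = dict(region="us-east-1", subnet_id="subnet-EXAMPLE1",
    security_groups=[{"IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 443,
                      "ToPort": 443, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}],
    route_tables=[{"Associations": [{"SubnetId": "subnet-EXAMPLE1"}], "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationPrefixListId": "pl-EXAMPLE", "GatewayId": "vpce-EXAMPLE"}]}],
    endpoint={"VpcEndpointId": "vpce-EXAMPLE", "VpcEndpointType": "Gateway",
              "ServiceName": "com.amazonaws.us-east-1.s3"},
)
```

Running `diagnose(**SAMPLE)` on the constructed sample reports only the egress problem; feeding it real describe_security_groups, describe_route_tables and describe_vpc_endpoints output narrows the timeout to one of the three causes.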
