How to grant internet access to AWS Lambda under VPC
Posted By : Mohd Adnan | 31-Jul-2018
Serverless applications are common these days because they don't require provisioning EC2 instances or configuring web servers to run continuously. AWS Lambda provides high scalability and high availability for the application code. With AWS Lambda you are only charged for what you use.
The Problem
1. If you configure your Lambda under a VPC, you are unable to access services outside your VPC.
2. Third-party applications provide access to whitelisted IPs only and, unlike EC2, a public IP is not assigned to AWS Lambda.
The Solution
The workaround is to create a NAT Gateway (Network Address Translation) and route all of your internet-bound API requests through it, so that all outbound connections from the Lambda exit through the NAT Gateway.
An Elastic IP is then assigned to the NAT Gateway and that IP can be whitelisted by our third-party services.
The steps involved are as follows:
1. Create a new VPC (or use an existing VPC) from the AWS VPC Dashboard.
2. Create a new Internet Gateway (IGW) to communicate with the Internet from inside your VPC.
3. Create a Public Subnet under your VPC and add a new route to its route table that sends 0.0.0.0/0 to your Internet Gateway.
4. Create a new Elastic IP address (EIP).
5. Create a new NAT Gateway and assign it to the Public Subnet created at step 3 and the Elastic IP address created at step 4.
6. Create a Private Subnet and add a new route to its route table that sends 0.0.0.0/0 to your NAT Gateway.
A Lambda function can then be created inside your VPC and a request can be made to the Internet to test the result.
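To verify the result of steps 1-6 without sending traffic, the following added example (not code from the original post) checks route-table and NAT Gateway descriptions, in the shape returned by the EC2 DescribeRouteTables and DescribeNatGateways APIs, and reports the Elastic IP a Lambda in a given subnet would egress from. The function names, resource IDs and the 203.0.113.10 address are assumptions constructed for illustration.

```python
# Added example: offline check of the routing built in steps 1-6.
# Inputs follow the shape of EC2 DescribeRouteTables / DescribeNatGateways
# responses; every ID and IP below is a constructed sample value.

def default_route(subnet_id, route_tables):
    """Return the 0.0.0.0/0 route that applies to subnet_id, or None."""
    explicit = main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    table = explicit or main  # unassociated subnets fall back to the main table
    for route in (table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return None

def lambda_egress_ip(lambda_subnet, route_tables, nat_gateways):
    """Return (public_ip, None) if egress is NAT -> IGW, else (None, reason)."""
    route = default_route(lambda_subnet, route_tables)
    if route is None:
        return None, "no default route"
    if (route.get("GatewayId") or "").startswith("igw-"):
        return None, "default route points at the IGW, but Lambda has no public IP"
    nat_id = route.get("NatGatewayId")
    nat = next((n for n in nat_gateways if n["NatGatewayId"] == nat_id), None)
    if nat is None or nat.get("State") != "available":
        return None, "default route does not point at an available NAT gateway"
    # The NAT gateway itself must sit in a subnet that routes to the IGW.
    nat_route = default_route(nat["SubnetId"], route_tables)
    if not nat_route or not (nat_route.get("GatewayId") or "").startswith("igw-"):
        return None, "NAT gateway subnet has no default route to an IGW"
    return nat["NatGatewayAddresses"][0]["PublicIp"], None

ROUTE_TABLES = [  # constructed: public subnet -> IGW, private subnet -> NAT
    {"Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-public",
                 "State": "available",
                 "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]}]

if __name__ == "__main__":
    print(lambda_egress_ip("subnet-private", ROUTE_TABLES, NAT_GATEWAYS))
```

With boto3, the same functions can be fed `describe_route_tables()["RouteTables"]` and `describe_nat_gateways()["NatGateways"]` from a live account; the returned address is the one to give to the third party for whitelisting.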