I have my MongoDB living on AWS EC2 and my Lambda function (python code) is trying to access it via IP address 220.127.116.11:27017. At our company we restrict our EC2 instances to our company's IP address by setting up AWS Security Groups on EC2 instance. The problem is without opening up access to port 27017 to all traffic on my EC2 instance security groups my lambda won't be able to access it because we don't know the IP address where the Lambda gets executed on.
Is there a better way to access ports on EC2 instances from AWS services such as Lambda without violating security policies?
Not sure why everybody is saying VPC endpoints will solve this. VPC endpoints allow communication originating within your VPC to access AWS services outside the VPC. The question being asked is regarding Lambda functions, which exist outside the VPC, accessing EC2 instances that exist within the VPC.
Support for running Lambda functions within the VPC is coming soon, as per this announcement. This will solve the issue this question addresses.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!Donate Us With