Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can't access to RDS from Amazon Lambda, same VPC and correct role permissions

Tags:

amazon

serverless-framework

rds

i can't successfully connect to RDS from Amazon Lambda in production. For Amazon Lambda i'm using Serverless framework, executing sls offline i can connect with RDS from localhost, but in production Amazon Lambda doesn't.

Both are in same VPC, in same security group, that has all traffic inbound access, and a rule that is pointing to Vpc's CIDR.

I have these permissions attached: AmazonRDSFullAccess, AWSLambdaFullAccess, AmazonVPCFullAccess, AWSLambdaExecute and AWSLambdaVPCAccessExecutionRole.

Thank's for help.

like image 671
fabian818 Avatar asked Sep 01 '17 00:09

fabian818

People also ask

Can Lambda access RDS in VPC?

A Lambda function that is outside of a VPC cannot access an RDS instance that is inside a VPC. For information on how to configure a Lambda function's network settings, see Configuring a Lambda function to access resources in a VPC.

Can Lambda access resources in VPC?

Lambda functions can't connect directly to a VPC with dedicated instance tenancy. To connect to resources in a dedicated VPC, peer it to a second VPC with default tenancy .

1 Answers

I had this issue and the following is a summary of the steps I took to resolve:

  1. In lambda network section select the VPC and all subnets. Set the security group to the security group the RDS was created with / set to.
  2. Edit said security group inbound policies and set a policy with RDS port/access settings and set the source equal to its own Group Id. It is not sufficient that they are in the same group, if it doesn't accept connections from it's own group.
  3. Ensure the lambda function execution role has AWSLambdaVPCAccessExecutionRole and AWSLambdaBasicExecutionRole policies attached.

Good luck.

like image 182
edencorbin Avatar answered Oct 05 '22 22:10

edencorbin
Sign in to Comment

Related questions

Push Notification on Amazon Android
Amazon Product API: ItemLookup with Multiple ASINs
How to get shipping info with Amazon's Product Advertising API
Amazon DynamoDB and relationship many-to-many
How to detect Azure/Amazon VM
Get products from a specific seller from Amazon via API
Hosting Plastic SCM on Amazon?
How do you set up a cname for an S3 bucket using Amazon Route 53?
Amazon MWS submitting price setting feed
Developing android app for both Google play and Amazon Store
Special Characters in Amazon SES
Having trouble starting Jenkins: "java.io.FileNotFoundException: /usr/share/java/jenkins/war/META-INF/MANIFEST.MF (No such file or directory)"
Amazon linux: Change default ec2-user when creating an ami image
Amazon Credentials Method not found
S3 bucket be in the same availability zone
Android Studio runtime error Stub! at com.amazon.device.messaging.ADMMessageReceiver.<init>()
Amazon Book API for Python or Ruby? [duplicate]
Amazon S3 + CloudFront query for specific version of stored file
Match sub-string within a string with tolerance of 1 character mismatch
S3 Static Website Only Displays Index.html (but not other dependent files)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!