Menu
I am trying to write AWS lambda function which gets user from AWS Cognito using AWS.CognitoIdentityServiceProvider.adminGetUser and then stores some data into AWS Elasticache (Redis). The parts work fine separately, but not together, as it seems that when I enable VPC for Lambda (to be able to access Elasticache), I loose access to Cognito (Lambda times out).
Is there a way to access both services from single lambda function, or my approach is totally wrong?
900
asked Oct 29 '25 07:10
Yes, you can for sure. You need to create a NAT Gateway or NAT instance in a public subnet of your VPC, then add a rule to the route table that enables NAT from lambda's security group. I don't think there are public Cognito IP addresses, therefore your security outbound group rule CIDR would be 0.0.0.0/0.
More details are available on official docs here and also there are tons of tutorials online, because it's a common problem. Good luck!
P.S. Don't forget to add permissions for adminGetUser action to lambda's IAM role.
137
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
