I have a lambda function that calls the parameter store to retrieve a credential. The code is as follows:
```python
import boto3
ssm = boto3.client('ssm')
parameter = ssm.get_parameter(Name='credentials', WithDecryption=True)
print(parameter['Parameter']['Value'])
```
I have given AmazonSSMFullAccess to the lambda role. The lambda has a VPC, which I'll later use to connect to a Redshift database without public access. The inbound and outbound rules are as follows:
There is a post, "AWS Lambda cannot connect to Parameter Store", which mentions that if the lambda requires a VPC, then add a NAT gateway.
In the lambda subnet route table, there seems to be already a route that goes to the internet?
But I am still getting lambda time-out errors :(
"there seems to be already a route that goes to the internet?"
Sadly, it does not. It seems you placed your lambda in a public subnet with a route to an internet gateway (IGW). However, you have to use a private subnet with a route to a NAT gateway. IGW and NAT are two different things. Have a look at this AWS guide on how to make it work:
Alternatively, you can set up a VPC interface endpoint for Parameter Store. Then you don't need internet access for your Lambda function.
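The distinction drawn in the answer above, as an added example that is not part of the original post: a check that decides whether a Lambda subnet can reach Parameter Store, given data shaped like the EC2 `describe_route_tables` and `describe_vpc_endpoints` responses. All IDs, the region and the function names are constructed for illustration, and the code runs offline on the inline sample data.

```python
# Added example. Inputs mirror the shape of EC2 describe_route_tables /
# describe_vpc_endpoints output; every ID below is constructed sample data.

def default_route_target(route_table):
    """Classify the 0.0.0.0/0 route as 'nat', 'igw' or 'none'."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":
            return "none"  # target was deleted, route drops traffic
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
    return "none"

def has_ssm_endpoint(endpoints, vpc_id, region):
    """True if the VPC has a usable interface endpoint for Parameter Store."""
    service = f"com.amazonaws.{region}.ssm"
    return any(
        ep.get("ServiceName") == service
        and ep.get("VpcEndpointType") == "Interface"
        and ep.get("VpcId") == vpc_id
        and ep.get("State", "").lower() == "available"
        and ep.get("PrivateDnsEnabled")  # so the default SSM hostname resolves to it
        for ep in endpoints
    )

def parameter_store_path(route_table, endpoints, vpc_id, region):
    """Return (reachable, reason) for a Lambda placed in this subnet."""
    if has_ssm_endpoint(endpoints, vpc_id, region):
        return True, "interface endpoint (traffic stays inside the VPC)"
    target = default_route_target(route_table)
    if target == "nat":
        return True, "NAT gateway"
    if target == "igw":
        # Lambda network interfaces get no public IP, so an IGW route alone
        # gives no outbound path and get_parameter() hangs until timeout.
        return False, "IGW route only"
    return False, "no default route"

LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
PUBLIC_RT = {"Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                                "GatewayId": "igw-0example", "State": "active"}]}
PRIVATE_RT = {"Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                                 "NatGatewayId": "nat-0example", "State": "active"}]}
SSM_ENDPOINT = {"ServiceName": "com.amazonaws.us-east-1.ssm", "VpcId": "vpc-0example",
                "VpcEndpointType": "Interface", "State": "available",
                "PrivateDnsEnabled": True}
```
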