En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Timeout error accesing MySql RDS from a Lambda function

0

Hi,

I have a problem connecting from a lambda function with a RDS MySql database.
I try to follow the tutorial http://docs.aws.amazon.com/lambda/latest/dg/vpc.html , but when I try to connect with the database, the lambda function return allways a timeout error. I have tried with several roles and security groups... but I have achieved nothing.
I think I'm doing something wrong... please help me.

I have a function for test:

//loading required modules;
console.log('Loading function');
var mysql= require('mysql');
//This handler will invok after receiving the event with username,password and status
module.exports.testeo = function(event, context, callback) {
	var conn = mysql.createConnection({
	  host     : 'xxxxxxx.eu-west-1.rds.amazonaws.com',
	  user     : 'xxxxxxx',
	  password : 'xxxxxxx',
	  database : 'xxxxxxx'
	});
	conn.connect(function(err) {  // creating database connection
  		if (err) {
	    console.error('error connecting: ' + err.stack); // on error
		return;
		}
	    console.log('connected as id ' + conn.threadId);
	});
console.log("ok");	   
};

In the lambda funtion I have this configuration:

  • Role: miclub-beta-eu-west-1-lambdaRole (with policies: AmazonLambdaVPCAccessExecutionRole, AmazonRDSFullAccess, AmazonRDSDirectoryServiceAccess)
  • VPC: vpc-c84ec6af(172.30.0.0/16)
  • Subnets: subnet-9e7af9f9 (172.30.0.0/24) | eu-west-1a ; subnet-ecba31a5 (172.30.1.0/24) | eu-west-1b ; subnet-4700cf1c (172.30.0.0/24) | eu-west-1c
  • Security groups: sg-1626b96e (default) (Inbound rules: ports: All sources: sg-1626b96e; Outbound: Ports: All destination: 0.0.0.0/0)

In the RDS Instance I have this configuration:

  • Multi-AZ Deployment: No
  • Security group: default (sg-1626b96e) (vpc-c84ec6af)
  • Publicly Accesible: Yes
  • Enable IAM DB Authentication: No

I can access to the RDS from external IPs without problems... but I can't access from lambda functions.
Please... what is wrong?

Sujets
Sans serveurCalcul
Balises
AWS Lambda
Langue
English
70n1
demandé il y a 7 ans2911 vues
2 réponses
1

I solved it following the page: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html

I have created a new VPC Security group (for using in the lambda functions). For this group I have added a inbound rule (I accept ALL TRAFFIC for source 172.30.0.0/16 (all the VPC)).

I have added an inbound and an outbound rules in the VPC Security group of the RDS, in inbound accepting ALL TRAFFIC for source of the other security group (the group created for lambda).. and in outbound accepting ALL TRAFFIC for destination of the other security group.

70n1
répondu il y a 7 ans
profile picture
EXPERT
Antonio_Lagrotteria
vérifié il y a 4 mois
  • Joao Dias
    il y a 2 mois

    I created an account here just to thumbs up this solution. It solved my problem. But I did it slightly different: I just changed the inbound rule of the RDS to accept all IPv4 and IPv6. I didn't even use a security group for my Lambda Function

0

Thank you, this works!

SimonTheBear
répondu il y a 4 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents