What do I need to allow for my Security group to receive inbound traffic from SQS in lambda?

Question

I have a Lambda inside a VPC with a static IP.

I have not implemented this before and I'm wondering when implementing my security group what ports or/and protocols do I need to allow for my Lambda to receive inbound traffic from SQS? I have already implemented the SQS in Lambda in CDK, such as events, and so forth so that when I recieve an event it triggers a lambda function.

However, I'm not certain if I need to allow anything in my security group in order to receive traffic from SQS.

Answer

Lambda functions do not accept inbound connections. When you configure a VPC and security group for a Lambda function, this is for the purposes of allowing the Lambda function to execute within your VPC, allowing the function to access other services within the same VPC (e.g. RDS or Aurora instances, EC2 instances, load balancers, etc).

Lambda functions access SQS using the SQS API. You only need to ensure that the security group provides (at a minimum) outbound access on port 443 so that it can connect to SQS.

Answer

Please take a look at my answer to a similar question recently - https://repost.aws/questions/QUA-ke4GYcQx6-YNvmHxsfUA/can-lambdas-inside-a-private-subnet-still-receive-data-from-sqs#ANzEFlBd5wQ02DlAOAuszeoA

What do I need to allow for my Security group to receive inbound traffic from SQS in lambda?

Contenus pertinents