AWS Lambda in VPC times out in Cognito Post Confirmation Trigger

0

I have a Cognito user pool and a lambda function in a VPC. That lambda function is hooked up to a 'Post confirmation Lambda trigger'.

The lambda function is a little Go function that is doing a call to Cognito itself to get some data regarding the just signed-up user. However, after calling CognitoIdentityProvider.AdminGetUser(....) my lambda function times out.

I tried to move the Lambda function out of the VPC, and it seems to work without problems. I am simply following the examples. However, the lambda function needs to be in the VPC since my RDS instance is also there, and I need to make connections to my RDS instance as well.

So to 'illustrate'.

User confirms email (through Cognito) -> Lambda in VPC gets triggered -> CognitoIdentityProvider.AdminGetUser() -> Times out.

Can someone maybe give me some insights on how I can make my lambda function work?

asked a year ago, 1364 views
1 Answer
1

Hi, @karljohn_peoples.

Your Lambda function probably can't reach Cognito's public endpoint.

Add a route from the subnet of VPC Lambda to the NAT Gateway and change it so that it can go outbound to the Internet, and check if it works.

If that works, you need to either secure an internet outbound route or add a VPC endpoint.

EXPERT
iwasa
answered a year ago
  • Thank you for your answer Iwasa, I just figured out that I could get all the data already actually from the event. I completely missed that.
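
The approach the asker describes in the comment above, as an added example that is not part of the original thread: the user record is built from the Post Confirmation event payload itself, so the function needs neither an outbound route to Cognito's endpoint nor permission to call AdminGetUser. The local event struct, the `NewUser` type, `userFromEvent` and the sample event are assumptions constructed for this sketch so that it runs without the Lambda runtime.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// PostConfirmationEvent mirrors the fields of the Cognito trigger payload used here.
type PostConfirmationEvent struct {
	TriggerSource string `json:"triggerSource"`
	UserName      string `json:"userName"`
	Request       struct {
		UserAttributes map[string]string `json:"userAttributes"`
	} `json:"request"`
}

// NewUser is a hypothetical row for the application's RDS database.
type NewUser struct {
	Sub, Username, Email string
	EmailVerified        bool
}

var errSkip = errors.New("not a sign-up confirmation")

// sampleEvent is constructed for this example, not captured from a real pool.
const sampleEvent = `{"version":"1","triggerSource":"PostConfirmation_ConfirmSignUp",
 "region":"eu-west-1","userPoolId":"eu-west-1_EXAMPLE","userName":"jane",
 "request":{"userAttributes":{"sub":"00000000-0000-4000-8000-000000000000",
 "email":"jane@example.com","email_verified":"true"}},"response":{}}`

// userFromEvent builds the record from the payload alone, with no Cognito API call.
func userFromEvent(raw []byte) (NewUser, error) {
	var ev PostConfirmationEvent
	if err := json.Unmarshal(raw, &ev); err != nil {
		return NewUser{}, fmt.Errorf("decode event: %w", err)
	}
	// The trigger also fires after a confirmed password reset; skip those.
	if ev.TriggerSource != "PostConfirmation_ConfirmSignUp" {
		return NewUser{}, errSkip
	}
	a := ev.Request.UserAttributes
	if a["sub"] == "" || ev.UserName == "" {
		return NewUser{}, errors.New("event is missing sub or userName")
	}
	return NewUser{Sub: a["sub"], Username: ev.UserName, Email: a["email"],
		EmailVerified: a["email_verified"] == "true"}, nil
}

func main() {
	u, err := userFromEvent([]byte(sampleEvent))
	fmt.Printf("%+v %v\n", u, err)
}
```

A deployed trigger must still return the event object to Cognito after doing its own work.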
