lambda call aurora global database

Question

I use lambda (python) to connect aurora global database to query data。
use
***response = boto3.client('rds').describe_global_clusters(GlobalClusterIdentifier='global database name')
......
response = boto3.client('rds').describe_db_clusters(DBClusterIdentifier='cluster id')***
Get the Endpoint and DatabaseName of the aurora global database
then use ***pymysql.connect(host=Endpoint, user=user,password=password, database=database)***
connect to the database

When my lambda has a vpc, the database can be connected successfully, but the endpoint cannot be obtained。

When the vpc is deleted, the endpoint can be obtained normally, and the database cannot be connected。

Answer

When a Lambda function runs in a default VPC, it has access to the internet but no access to private resources in your VPC. When the function is attached to your VPC, it has access to the private resources, but it looses the access to the internet. To regain that access, you need to add a VPC endpoint for the AWS services you want to access or a NAT gateway to access the rest of the internet of AWS services that do not support VPC endpoints.

All the `client('rds')` calls are trying to access the RDS service public endpoint. As such you need to [create an RDS VPC endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/vpc-interface-endpoints.html).

An alternative would be to configure an environment variable that contains the connection string so that you do not need to find it every time.

lambda call aurora global database

관련 콘텐츠