Static IP for all outbound calls from Lambda

Question

We are building a Lambda, an async compute triggered from SQS.  We want to make an 3rd part api call from this async Lambda. 3rd party will not allow all API calls, has strict restriction on incoming request. We need to provide them a IP, they needs to added the IP address to the allowed list. As far as I know Lambda is state less and server less, whenever it get loaded/initialized it might be having some dynamic IP associated within for all outbound calls. Is there a way we can make a static IP associated with all outbound network calls from Lambda ? Any insights on this will be super helpful?

Accepted Answer

Yes. You can attach your Lambda functions to a private subnet in a VPC in your account. This will cause all outgoing traffic to traverse via that subnet. You will then create a NAT Gateway in that VPC, in a public subnet, attach an Elastic IP to the NAT Gateway and route all outgoing traffic via the NAT Gateway. For high availability it is recommended that you create a NAT Gateway in at least 2 subnets so you will need at least 2 EIPs.

Static IP for all outbound calls from Lambda

관련 콘텐츠