AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

What do I need to allow for my Security group to receive inbound traffic from SQS in lambda?

0

I have a Lambda inside a VPC with a static IP.

I have not implemented this before and I'm wondering when implementing my security group what ports or/and protocols do I need to allow for my Lambda to receive inbound traffic from SQS? I have already implemented the SQS in Lambda in CDK, such as events, and so forth so that when I recieve an event it triggers a lambda function.

However, I'm not certain if I need to allow anything in my security group in order to receive traffic from SQS.

주제
네트워킹 및 콘텐츠 전송서버리스컴퓨팅보안, 신원 및 규정 준수
태그
아마존 VPCAWS Lambda보안, 신원 및 규정 준수
언어
English
rePost-User-7977828
질문됨 2년 전3918회 조회
2개 답변
0

Lambda functions do not accept inbound connections. When you configure a VPC and security group for a Lambda function, this is for the purposes of allowing the Lambda function to execute within your VPC, allowing the function to access other services within the same VPC (e.g. RDS or Aurora instances, EC2 instances, load balancers, etc).

Lambda functions access SQS using the SQS API. You only need to ensure that the security group provides (at a minimum) outbound access on port 443 so that it can connect to SQS.

profile picture
전문가
bwhaley
답변함 2년 전
  • rePost-User-7977828
    2년 전

    Is there a way to find the SQS service IP address? Or any way to limit the SG to confirm that it only can send outbond access to port 443 on SQS?

    Thay way I do not have to allow the access to 0.0.0.0/0?

0

Please take a look at my answer to a similar question recently - https://repost.aws/questions/QUA-ke4GYcQx6-YNvmHxsfUA/can-lambdas-inside-a-private-subnet-still-receive-data-from-sqs#ANzEFlBd5wQ02DlAOAuszeoA

profile pictureAWS
전문가
Indranil Banerjee AWS
답변함 2년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠