Hello.
As you know, to access AWS services from a Lambda connected to a VPC, you need to use VPC endpoints or use a NAT Gateway.
I believe you are using the "get-usage" API to retrieve the usage of an API Gateway usage plan, which requires access to the API Gateway control plane.
https://repost.aws/knowledge-center/internet-access-lambda-function
As of September 2024, VPC endpoints cannot be used for the control plane of API Gateway, so NAT Gateway must be used instead.
https://docs.aws.amazon.com/general/latest/gr/apigateway.html
Hello,
- Yes, you will need a NAT Gateway for your Lambda function to access API Gateway when it's in a VPC with only private subnets.
- When you attach a Lambda function to a VPC and place it in private subnets, those subnets typically don't have direct access to the internet. This means the Lambda function can't reach public AWS services, such as API Gateway, unless you provide it with a way to access the internet.
- A NAT Gateway allows instances in a private subnet to send outbound traffic to the internet but doesn't allow inbound traffic from the internet to those instances.
https://repost.aws/knowledge-center/internet-access-lambda-function
https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
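To check which of a function's subnets actually have the NAT route described in the answers above, the following added example (not part of either answer, and not AWS's code) classifies each subnet's IPv4 default route from data shaped like the EC2 DescribeRouteTables response. The route table and subnet IDs are constructed, all tables are assumed to belong to one VPC, and default routes to other targets (NAT instance, transit gateway) are not classified.

```python
# Constructed sample in the shape of EC2 DescribeRouteTables output for one VPC.
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main-example",            # main table: local route only
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local",
                 "State": "active"}]},
    {"RouteTableId": "rtb-private-example",         # default route to a NAT gateway
     "Associations": [{"Main": False, "SubnetId": "subnet-private-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example",
                 "State": "active"}]},
    {"RouteTableId": "rtb-public-example",          # default route to an internet gateway
     "Associations": [{"Main": False, "SubnetId": "subnet-public-c"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example",
                 "State": "active"}]},
]


def effective_route_table(subnet_id, route_tables):
    """An explicit subnet association wins; otherwise the VPC's main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def egress_path(subnet_id, route_tables):
    """Classify the subnet's IPv4 default route: 'nat', 'igw', 'blackhole' or 'none'."""
    rt = effective_route_table(subnet_id, route_tables) or {}
    for route in rt.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":   # e.g. the NAT gateway was deleted
            return "blackhole"
        if route.get("NatGatewayId"):
            return "nat"
        if str(route.get("GatewayId", "")).startswith("igw-"):
            return "igw"
    return "none"


def subnets_without_nat(subnet_ids, route_tables):
    """Lambda ENIs get no public IP, so only a NAT route gives them internet egress."""
    return [s for s in subnet_ids if egress_path(s, route_tables) != "nat"]


if __name__ == "__main__":
    lambda_subnets = ["subnet-private-a", "subnet-isolated-b", "subnet-public-c"]
    print(subnets_without_nat(lambda_subnets, SAMPLE_ROUTE_TABLES))
```

Every subnet attached to the function needs the NAT route, since Lambda may place an invocation in any of them.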