- Newest
- Most votes
- Most comments
Hello,
Do you have relevant logs of a Lambda execution showing the error?
If you have a timeout error, did you try to extend the Lambda function timeout?
Lambda Function configure timeout
Troubleshoot networking issues in Lambda
For your information, you have added unnecessary permissions to your Lambda.
AWSLambdaBasicExecutionRole should be enough unless you need access to other AWS services.
You mentioned NAT Gateway and subnets, but they are irrelevant since your Lambda is not in a VPC. Make sure that your Lambda function is outside of your VPC, which is normally the default configuration.
Based on the information provided, it appears that your Lambda function should indeed have internet access. However, there are a few points to consider and potential solutions to explore:
-
Default Internet Access: By default, Lambda functions that are not attached to a VPC have access to the public internet. The fact that your function is not in a VPC should allow it to make outbound internet requests without any additional configuration.
-
IAM Permissions: While you've included the necessary IAM permissions for VPC access, these are not required for a Lambda function that's not in a VPC. The AWSLambdaBasicExecutionRole should be sufficient for a function that only needs to write to CloudWatch Logs and access the internet.
-
Function Configuration: Double-check your function configuration to ensure it's truly not associated with any VPC. Sometimes, VPC settings can be inadvertently applied during deployment.
-
Code Issues: The problem might be in your function code. Ensure that your Node.js code is correctly handling promises and async operations. A common issue is that the function might be timing out before the external API calls complete.
-
Execution Environment: Try testing with a simple function that just makes a single HTTP request to a known endpoint (like https://httpbin.org/get). This can help isolate whether the issue is with your specific APIs or a more general connectivity problem.
-
Timeouts: Check if your function's timeout setting is sufficient for the external API calls to complete. If the function times out before receiving a response, it might appear as if internet access is blocked.
-
Dependencies: Ensure all necessary dependencies (like 'axios') are properly included in your deployment package.
-
AWS Support: If none of the above resolves the issue, it might be worth contacting AWS Support. There could be an underlying issue with the Lambda service in your account or regions.
Remember, Lambda functions by default have internet access when not connected to a VPC. The fact that you're experiencing this issue across multiple regions suggests it might be related to your account configuration or code rather than a regional Lambda service problem.
Sources
Lambda function can access the internet from Function URL but not from API Gateway | AWS re:Post
Giving Lambda functions access to resources in an Amazon VPC - AWS Lambda
Relevant content
- asked 2 years ago
The log errors come from dummy tests we've inserted in the function as simple as:
try { console.log(
🔍 Testing https://httpbin.org/get...); const response = await axios.get("https://httpbin.org/get", { timeout: 5000 }); console.log(✅ SUCCESS for https://httpbin.org/get:, response.status); } catch (err) { console.error(❌ FAILED for https://httpbin.org/get:, err.message); }in which we'll get
ERROR ❌ FAILED for https://httpbin.org/get: timeout of 5000ms exceeded
The Lambda timeout has been set to 29s which shouldn't be the issue since the execution normally completes <2s
As far as the permissions go, you're absolutely right. It was just sheer desperation at this point trying to figure out why a simple get will be blocked in our lambda function that doesn't have a VPC attached and should be able to access the internet
I think is probably related to the code itself and not AWS configurations. There is no reason of getting no internet access from your lambda function, outside of your VPC.
I've tested a very simple code, from yours :
It works well on my side. Have you tried using Axios in your main Lambda function with others configurations, or tried creating a simple and minimal Lambda function to test? Do you have other lambda which is working?
The code itself should be fine since it runs flawlessly on local (using ngrok tunneling). E2E tests with all external services passes. There's only an issue when we deploy this via serverless to lambda and specifically those issues (i.e. the app cannot seem to reach any external service). That's a good callout tho. I'll deploy a simple function to test and see if all lambdas are messed up in which case its probably some obscure account thing. I'll update!
Oh geez I'm such an idiot but I figured it out. See the invoker of the function has a pretty narrow timeout window so we respond immediately and dispatch the actual task async (and notify via callbacks and all that). It would appear for Lambdas that once you commit your response, AWS will forcibly kill your thread even if its running. There's no set time window to which it does that which was what made troubleshooting such a challenge since the logs were highly inconsistent. Sometimes the application would reach a certain stage and other times it gets terminated way before.
Pretty much means lambdas are not suitable for this use case I reckon. Thanks for your responses Brandon!
Ahah thank you for the feedback!
If I’ve helped you don’t forget to mark it as resolved, good luck in your project !