By using AWS re:Post, you agree to the Terms of Use
/API GW Websockets and public subnets/

API GW Websockets and public subnets

0

Hi, I have a publicly available API GW Websockets, I have a lambda and ec2 instance in a VPC in a public subnet with IGW and correct routing tables. I have all security groups opened but when I try to post_to_connection using boto3.client('apigatewaymanagementapi') the connection timeouts in Lambda, or I get this error in EC2 when I run

$ aws apigatewaymanagementapi  post-to-connection --data 'hello' --connection-id 'OuoMyd3eDoECJpQ=' --region eu-west-1

Could not connect to the endpoint URL: "https://execute-api.eu-west-1.amazonaws.com/@connections/OuoMyd3eDoECJpQ%3D

Not sure what's wrong, I tried putting the EC2 into a private subnet with a NAT gateway and VCPE endpoint for API GW but no luck.

EDIT: I found the issue with the aws-cli command, I actually had to specify the endpoint_url pointing to the connection_url of the API GW. This works, but for some reason I still can't post any messages from within the lambda which is on the same VPC and public subnet.

1 Answers
2
Accepted Answer

When attaching Lambda functions to a VPC they do not receive a public IP. For them to be able to communicate outside the VPC they need to be placed in a private subnet and use a VPC Endpoint or a NAT Gateway.

EXPERT
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions