Lambda to RDS Connectivity


Hi, I'm wanting to establish connectivity to an RDS instance from some Lambda functions. Lambda functions are autodeployed with serverless framework, so ideally my config would be dynamic. I am currently managing infrastructure with CDK, and have the following resources:

  1. RDS on Private Isolated subnet in VPC A, managed by CDK
  2. EC2 instance on public subnet in VPC A, managed by CDK (For access to the RDS from the wider internet)
  3. (Backend) 4 Lambdas without a VPC (Public), behind an API Gateway in default VPC, managed by serverless deploy
  4. Frontend hosted on S3 behind CloudFront, managed by serverless deploy

I'm a bit stumped because I don't want to update my CDK script whenever the lambdas change. Help is much appreciated.

1 Answer
Accepted Answer

There is no need to update the CDK scripts. All you need to do is attach the functions to some private subnets in the same VPC. Look at this to find out how to reference a CloudFormation Output in your serverless yaml.

AWS
answered 2 years ago
  • Am I ok to put them in the same Private Isolated subnet as the RDS? Otherwise I can create private subnets on the VPC and put them there. How do I then allow access to the RDS?

  • I think it would be better to attach the functions to different subnets in the same VPC. In the RDS security group reference the Lambda security group to allow access.
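
The setup described in the answer and comments, sketched as a `serverless.yml` (an added example, not part of the original thread): the functions are attached to private subnets in the VPC through `${cf:...}` references to CloudFormation outputs, and the RDS security group admits the Lambda security group as a source. It assumes the CDK stack is named `InfraStack` and exposes outputs named `VpcId`, `LambdaSubnetAId`, `LambdaSubnetBId` and `RdsSecurityGroupId`; those names, the service and function names, and the database port are all assumptions.

```yaml
# serverless.yml (added example; stack name and output keys are assumed)
service: backend-api            # hypothetical service name

custom:
  infraStack: InfraStack        # assumed name of the CDK-deployed stack
  dbPort: 5432                  # assumed engine port (PostgreSQL); 3306 for MySQL

provider:
  name: aws
  vpc:                          # applied to every function in this service
    securityGroupIds:
      - Fn::GetAtt: [LambdaSecurityGroup, GroupId]
    subnetIds:                  # private subnets in VPC A, separate from the RDS subnets
      - ${cf:${self:custom.infraStack}.LambdaSubnetAId}
      - ${cf:${self:custom.infraStack}.LambdaSubnetBId}

functions:
  getItems:                     # hypothetical function
    handler: src/handler.getItems

resources:
  Resources:
    # Security group shared by the functions; it is created in this stack,
    # so adding or removing functions does not touch the CDK code.
    LambdaSecurityGroup:
      Type: AWS::EC2::SecurityGroup
      Properties:
        GroupDescription: Lambda functions that connect to RDS
        VpcId: ${cf:${self:custom.infraStack}.VpcId}

    # Ingress on the RDS security group with the Lambda security group
    # as the source, rather than a CIDR range.
    RdsIngressFromLambda:
      Type: AWS::EC2::SecurityGroupIngress
      Properties:
        GroupId: ${cf:${self:custom.infraStack}.RdsSecurityGroupId}
        SourceSecurityGroupId:
          Fn::GetAtt: [LambdaSecurityGroup, GroupId]
        IpProtocol: tcp
        FromPort: ${self:custom.dbPort}
        ToPort: ${self:custom.dbPort}
```

The CDK stack needs the four outputs defined once; after that, changes to the functions stay within the Serverless deployment.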
