I would recommend keeping the database private, attaching the function to a VPC (I assume it can't be the same VPC as the DB), and peering the two VPCs. Set a small CIDR block for the subnet that Lambda attaches to, and set the SG to allow all of the subnet.
An alternative would be to attach the function to a VPC and connect to the DB via a NAT Gateway that can have an EIP.
Is there another way to do that? I've tried attaching my Lambda to a VPC, but it didn't work.
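An offline check of the peered-VPC layout recommended in the answer above, added here as an example and not part of the original thread. The function name, the CIDR blocks and port 5432 are constructed assumptions; the rules use the `IpPermissions` shape that the EC2 API returns for a security group.

```python
import ipaddress

def audit_db_ingress(db_vpc, fn_vpc, fn_subnet, ip_permissions, db_port):
    """Return findings; an empty list means the layout matches the advice."""
    db_vpc, fn_vpc, fn_subnet = (ipaddress.ip_network(c)
                                 for c in (db_vpc, fn_vpc, fn_subnet))
    findings = []
    # VPC peering requires that the two VPC CIDR blocks do not overlap.
    if db_vpc.overlaps(fn_vpc):
        findings.append(f"VPC CIDRs {db_vpc} and {fn_vpc} overlap; they cannot be peered")
    if not fn_subnet.subnet_of(fn_vpc):
        findings.append(f"Lambda subnet {fn_subnet} is not inside {fn_vpc}")
    admitted = False
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto == "tcp":
            if not perm["FromPort"] <= db_port <= perm["ToPort"]:
                continue  # rule does not cover the database port
        elif proto != "-1":  # "-1" means all protocols and all ports
            continue
        for rng in perm.get("IpRanges", []):
            src = ipaddress.ip_network(rng["CidrIp"])
            if fn_subnet.subnet_of(src):
                admitted = True
                if src != fn_subnet:
                    findings.append(f"source {src} is wider than the Lambda subnet {fn_subnet}")
    if not admitted:
        findings.append(f"no rule admits {fn_subnet} on tcp/{db_port}")
    return findings

# Constructed sample values (not taken from the thread).
DB_VPC, LAMBDA_VPC, LAMBDA_SUBNET, DB_PORT = "10.0.0.0/16", "10.1.0.0/16", "10.1.4.0/28", 5432
GOOD_RULES = [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
               "IpRanges": [{"CidrIp": "10.1.4.0/28"}]}]
WIDE_RULES = [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
               "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]

if __name__ == "__main__":
    for name, rules in (("good", GOOD_RULES), ("wide", WIDE_RULES)):
        print(name, audit_db_ingress(DB_VPC, LAMBDA_VPC, LAMBDA_SUBNET, rules, DB_PORT))
```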