1 Answer
You can't trigger a Lambda function directly from a network call - the event that triggers Lambda has to come from a separate service (mostly). The exception here is Lambda function URLs, but because they aren't available in a VPC, we can discount them as a solution in this case.
What you can do, though, is create a private API using API Gateway which will be in your VPC, and from there it can trigger the Lambda function.
Thank you for the quick response; from the documentation linked, I can see that the private API will be accessible via DNS at "https://{rest-api-id}-{vpce-id}.execute-api.{region}.amazonaws.com/{stage}" or "https://<vpce-id>.execute-api.<region>.vpce.amazonaws.com" depending on whether private DNS is enabled.
Is there a way to then expose this API behind a static IP address, such as with an Elastic IP Address?
There's probably a way to do that (using a public-facing NLB) - I haven't tested it but I wouldn't recommend it. In this case (using a Site-to-Site VPN) the traffic will all be private and the private API Gateway will have a static private IP address.
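Added example, not part of the original thread: a resource policy for the private API suggested in the answer, which denies `execute-api:Invoke` unless the request arrives through one specific interface VPC endpoint. The endpoint ID `vpce-PLACEHOLDER` is a placeholder to be replaced with the ID of your own endpoint.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Principal": "*",
      "Action": "execute-api:Invoke",
      "Resource": "execute-api:/*",
      "Condition": {
        "StringNotEquals": {
          "aws:SourceVpce": "vpce-PLACEHOLDER"
        }
      }
    },
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "execute-api:Invoke",
      "Resource": "execute-api:/*"
    }
  ]
}
```

A resource policy change takes effect only after the API is redeployed to its stage.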