Access CloudDirectory from inside a VPC

Question

I've setup CloudDirectory, and I'm trying to access my CloudDirectory from a Lambda which is running inside a VPC.  
When executing the Lambda, I'm not seeing much except that it times out.   
  
The log states:

```
[INFO]	2019-04-01T14:48:10.921Z	0604741e-681a-43db-9a47-0b91ec3a1809	Starting new HTTPS connection (1): clouddirectory.eu-west-1.amazonaws.com
[INFO]	2019-04-01T14:49:11.630Z	0604741e-681a-43db-9a47-0b91ec3a1809	Starting new HTTPS connection (2): clouddirectory.eu-west-1.amazonaws.com
```

As soon as I take the Lambda outside of the VPC, it directly works, so it seems to be an issue from Lambda towards CloudDirectory when executed inside a VPC. Since this seems like a similar issue like accessing DynamoDB, SNS and other AWS services, I want to make a VPC Endpoint, however CloudDirectory does not seem to be listed as supported service.  
  
What is the best way to connect to CloudDirectory from inside a VPC, will the standard VPC Endpoints be supported?

Answer

Hello,  
  
At this time, Cloud Directory does not have integration with VPC Endpoints. We have taken this as a feature request and will consider it alongside other customer asks. In the mean time, the recommendation is to use VPC NATs to connect your VPC to the internet and then additionally add rules to your security group such that Cloud Directory is the only accessible internet endpoint.   
  
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html  
  
Hopefully this helps, let us know if you have further questions about Cloud Directory.  
  
-Matt

Answer

Thanks, I'll attempt to work it out with the NAT and Security Groups.

Answer

Just discovered that CloudDirectory now supports VPC Endpoints!  
  
Thanks guys!

Access CloudDirectory from inside a VPC

相关内容