Accessing RDS from Lamba kills internet access
06 Feb 2024Yesterday I was working on a sizeable lambda function that has been a work-in-progress for quite a while and already accesses a number of AWS services. Yesterday an RDS connection was required, so I added the RDS connection in the lambda function configuration and … suddenly the script stopped working after just a second.
What had happened?
It turns out that adding an RDS connection also moves my lambda function into a VPC, and thus it is suddenly limited to the internet access granted to that VPC. In my case: none.
Having spent far too much time waiting for timeouts and wondering how my script broke in a part of the code that was far from my current work, the solution finally turned out to be pretty simple: in the VPC dashboard for the VPC that my lambda function suddenly lives in, I had to add endpoints for all required AWS services. Allowing all internet access using a NAT or internet gateway would have been another solution, but my function won’t need any internet access outside of AWS solutions.