0
votes

I have a Lambda function that connects to an EC2 instance by SSH. Both the Lambda function and the instance are in the same VPC. The Lambda function has an IAM Role with Administrator Access (full access). When I execute the function, I get "Error: Timed out while waiting for handshake".

I think I need to set a security group on the instance to allow connections on port 22. But for which IPs? Do I need to configure anything else to allow the SSH connection?


1 Answer

1
votes

Yes, you need to open port 22, but not to specific IP addresses. You should have assigned a Security Group to your Lambda function; let's call that "SG-A". Now go into the Security Group assigned to the EC2 instance (let's call this "SG-B") and create a new inbound rule for port 22, and as the source use the ID of SG-A, the group you assigned to your Lambda function. The ID will look something like "sg-xxxxxxxxx". Now anything belonging to SG-A can access port 22 on anything belonging to SG-B.

The IAM Role is irrelevant by the way.
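The same two-group setup expressed as Terraform, as an added example that is not part of the answer above. The group names, the `var.vpc_id` input and the extra egress rule on SG-A (limiting the Lambda to TCP/22 towards SG-B instead of the allow-all default) are assumptions of this example.

```hcl
# Added example: security-group-referencing SSH rule between a VPC-enabled
# Lambda (SG-A) and an EC2 instance (SG-B). No CIDR ranges are involved.
variable "vpc_id" {
  description = "Existing VPC shared by the Lambda function and the instance (assumed)"
  type        = string
}

# SG-A: attach this group to the Lambda function's VPC configuration.
resource "aws_security_group" "lambda_sg_a" {
  name        = "SG-A-lambda"
  description = "Attached to the Lambda function that opens the SSH session"
  vpc_id      = var.vpc_id
}

# SG-B: attach this group to the EC2 instance.
resource "aws_security_group" "instance_sg_b" {
  name        = "SG-B-ec2"
  description = "Attached to the EC2 instance reached over SSH"
  vpc_id      = var.vpc_id
}

# Inbound on SG-B: TCP/22 with SG-A as the source. Because the source is a
# group id, it keeps working when the Lambda's ENI gets a different address.
resource "aws_security_group_rule" "ssh_from_lambda" {
  type                     = "ingress"
  security_group_id        = aws_security_group.instance_sg_b.id
  from_port                = 22
  to_port                  = 22
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.lambda_sg_a.id
  description              = "SSH from members of SG-A only"
}

# Outbound on SG-A: only TCP/22 towards SG-B (for egress rules Terraform
# still calls the peer group source_security_group_id). Terraform drops the
# AWS allow-all egress default, so the Lambda reaches nothing else in the VPC.
resource "aws_security_group_rule" "lambda_to_instance_ssh" {
  type                     = "egress"
  security_group_id        = aws_security_group.lambda_sg_a.id
  from_port                = 22
  to_port                  = 22
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.instance_sg_b.id
  description              = "SSH to members of SG-B only"
}
```

With SG-A attached to the function and SG-B to the instance, the handshake timeout in the question goes away without granting any IP range access to port 22.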