1
votes

I have a lambda function accessing Elasticsearch running on an EC2 instance in the same VPC. Unfortunately, the lambda fails to access the port even when I make it publicly accessible.

Both the Lambda and the EC2 instance are assigned to the same VPC. The Lambda is also assigned to a security group to which the SG assigned to the EC2 instance explicitly gives inbound permissions. The Lambda function is also assigned to a role with the following managed policies:

  • AWSLambdaExecute
  • AWSLambdaVPCAccessExecutionRole
  • CloudWatchLogsFullAccess

Is Lambda missing some permissions?

Thanks!

1
Hey, how did you resolve this issue? – sapna
The accepted answer mentioned private IP addresses and I realized that I was incorrectly using public IPs. Switching to private IPs fixed the issue. – alecswan

1 Answer

7
votes

The IAM Roles assigned to the Lambda function would have no bearing on this issue.

It sounds like you have set up the VPC and Security Groups correctly. How are you referencing the EC2 server from the Lambda function? You have to reference it via the private IP address assigned to the EC2 instance in order for the network traffic to stay within the VPC, and in order for the Security Group rule you have configured to apply correctly.
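A preflight check for the point made in the answer above, added here as an example and not part of the original answer: before connecting, the Lambda resolves the configured Elasticsearch endpoint and refuses it unless every address lies inside the VPC CIDR. The CIDR, both endpoint addresses, the default port and the function names are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed sample values (assumptions, not from the original post).
VPC_CIDR = "10.0.0.0/16"
PRIVATE_ENDPOINT = "http://10.0.1.25:9200"    # instance's private IP
PUBLIC_ENDPOINT = "http://203.0.113.10:9200"  # stand-in for a public IP
DEFAULT_PORT = 9200


def classify_endpoint(url, vpc_cidr, resolve=socket.getaddrinfo):
    """Resolve the URL's host and report whether it stays inside the VPC.

    Returns ("in-vpc" | "outside-vpc", [addresses]).
    """
    parts = urlsplit(url)
    network = ipaddress.ip_network(vpc_cidr)
    infos = resolve(parts.hostname, parts.port or DEFAULT_PORT,
                    type=socket.SOCK_STREAM)
    addrs = sorted({info[4][0] for info in infos})
    # Any address outside the VPC range means the SG-to-SG rule will not match.
    inside = bool(addrs) and all(
        ipaddress.ip_address(a) in network for a in addrs)
    return ("in-vpc" if inside else "outside-vpc"), addrs


def probe(url, vpc_cidr, timeout=3.0):
    """Fail fast on a non-VPC address, otherwise try a TCP connect."""
    verdict, addrs = classify_endpoint(url, vpc_cidr)
    if verdict != "in-vpc":
        return f"refused: {addrs} not in {vpc_cidr}; use the private IP"
    parts = urlsplit(url)
    try:
        with socket.create_connection(
                (parts.hostname, parts.port or DEFAULT_PORT), timeout=timeout):
            return "tcp-ok"
    except OSError as exc:
        return f"tcp-failed: {exc}"


if __name__ == "__main__":
    for endpoint in (PRIVATE_ENDPOINT, PUBLIC_ENDPOINT):
        print(endpoint, classify_endpoint(endpoint, VPC_CIDR))
```

Logging the result of `probe` at cold start turns a silent connect timeout into an explicit message in CloudWatch that the endpoint is misconfigured.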