I have been searching for a while for some good design ideas, but haven't yet found the best option. Basically, I'm developing a serverless API for an existing database (RDS MySQL inside a VPC, private security group). So I want to query the database from multiple Lambda functions. I know about the following ways to achieve this:
- Place all the Lambdas inside the same VPC. But this option is not good due to the slow cold start of Lambdas (I will need to keep them warm) and concurrency limitations. Plus I will need to call other services (S3, SES, third-party services) => configuration will be much more difficult. So ideally I would keep them outside the VPC.
- Place a single Lambda (which will only query the DB) inside the same VPC and call it from the other Lambdas outside the VPC using a private API Gateway. The Lambda inside the VPC will always be warm, but it seems like a bottleneck because of the large number of concurrent requests to this Lambda. I know that it's possible to create multiple security groups and request more IPs, but it will be necessary to monitor the situation constantly, which is not acceptable.
- Opening RDS to be accessible from the Internet is not a solution.
- Aurora Serverless requires a VPC as well...
Any ideas or advice?
Thank you!