4
votes

I should say up front that I'm not a systems or network engineer. I'm trying to invoke a Lambda function from another Lambda function in the same VPC. My network configuration is:

  • 1 vpc
  • 1 public subnet and 1 private subnet
  • 2 route tables
  • 1 internet gateway
  • 1 security group

My lambda:

  • is attached to both subnets and to sec group;
  • connects to db and retrieves data;
  • invokes lambda function to send push notification.

But when the first one tries to invoke the second, AWS returns a timeout exception. My idea is that the first one "can't see" the second.

How can I solve the problem?

Thanks


2 Answers

3
votes

This is actually a result of the first Lambda (which is configured to use a VPC) having no outbound internet connectivity.

Ensure that you have either a NAT Gateway or a NAT instance that is attached to the route table(s) of the associated subnets.

If your function needs internet access, use network address translation (NAT). Connecting a function to a public subnet doesn't give it internet access or a public IP address.

You will need to remove the attachment to the public subnet as a Lambda cannot be assigned a public IP, therefore it cannot use an Internet Gateway.
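As an added illustration of the setup this answer describes (this is not code from the question or the answer, and it has not been applied to the asker's account), the CloudFormation template below places a NAT Gateway in the public subnet, gives the private subnet a default route through it, attaches the database-reading function to the private subnet only, and grants its execution role `lambda:InvokeFunction` on just the one push-notification function. The resource names, the `db-reader` function name, the placeholder handler code and the parameter values are assumptions; the existing VPC, subnets and security group are passed in as parameters.

```yaml
# Added example: Lambda in a private subnet reaching the Lambda API via a NAT
# Gateway. Names and parameter values are assumptions, not from the question.
AWSTemplateFormatVersion: '2010-09-09'
Description: VPC-attached Lambda with outbound access through a NAT Gateway

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  PublicSubnetId:
    Type: AWS::EC2::Subnet::Id        # its route table already sends 0.0.0.0/0 to the IGW
  PrivateSubnetId:
    Type: AWS::EC2::Subnet::Id
  LambdaSecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id
  PushFunctionArn:
    Type: String                      # ARN of the second (push notification) function

Resources:
  NatEip:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc

  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatEip.AllocationId
      SubnetId: !Ref PublicSubnetId   # the NAT itself lives in the PUBLIC subnet

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VpcId

  PrivateDefaultRoute:                # private subnet: 0.0.0.0/0 -> NAT, not -> IGW
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway

  PrivateSubnetAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnetId

  DbReaderRole:                       # least privilege: may invoke only the push function
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal: { Service: lambda.amazonaws.com }
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
      Policies:
        - PolicyName: invoke-push-function-only
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action: lambda:InvokeFunction
                Resource: !Ref PushFunctionArn

  DbReaderFunction:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: db-reader         # assumed name
      Runtime: python3.12
      Handler: index.handler
      Role: !GetAtt DbReaderRole.Arn
      Code:
        ZipFile: |
          # placeholder handler; the real one queries the DB and calls the push function
          def handler(event, context):
              return {"ok": True}
      VpcConfig:
        SecurityGroupIds:
          - !Ref LambdaSecurityGroupId
        SubnetIds:
          - !Ref PrivateSubnetId      # private subnet ONLY; the public subnet is not listed
```

The two settings that matter for the timeout are the private-subnet route (`0.0.0.0/0` to the NAT Gateway, not to the Internet Gateway) and the `SubnetIds` list containing only the private subnet. The security group's outbound rule must also allow HTTPS (TCP 443) to the Lambda service endpoint, since that is the path an in-VPC `Invoke` call takes.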

1
votes

If the first Lambda function is invoked asynchronously, it can specify a Destination for sending an event at the completion of execution.

The destination can be another AWS Lambda function. This invocation is triggered by the AWS service and does not require Internet access from the first Lambda function (and is therefore cheaper than using a NAT Gateway).

See: Configuring destinations for asynchronous invocation

(I haven't tried it myself, but it should work!)
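As an added example of the destination approach (not from the answer, and untested against the asker's account), this CloudFormation fragment configures an asynchronous-invocation destination on the first function so that the Lambda service itself calls the push function when the first one succeeds. The function names, the `PushFunction` resource and the handler code are assumptions; the first function must be invoked asynchronously (`InvocationType: Event`) for the destination to fire.

```yaml
# Added example: asynchronous-invocation destination, no NAT required. Names
# and the placeholder handler are assumptions, not from the original post.
AWSTemplateFormatVersion: '2010-09-09'
Description: Chain two Lambda functions with an OnSuccess destination

Parameters:
  DbReaderFunctionName:
    Type: String                      # the first (VPC-attached) function, assumed to exist
  PushRoleArn:
    Type: String                      # execution role for the push function (assumed)

Resources:
  PushFunction:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: push-notifier     # assumed name
      Runtime: python3.12
      Handler: index.handler
      Role: !Ref PushRoleArn
      Code:
        ZipFile: |
          # A destination receives an envelope, not the raw return value:
          # the first function's result is under event["responsePayload"].
          def handler(event, context):
              result = event.get("responsePayload", {})
              # send the push notification based on `result` here
              return {"delivered": True, "source": event.get("requestContext", {}).get("functionArn")}

  # The first function's execution role must hold lambda:InvokeFunction on
  # PushFunction; the Lambda service uses that role when delivering the event.
  DbReaderDestinations:
    Type: AWS::Lambda::EventInvokeConfig
    Properties:
      FunctionName: !Ref DbReaderFunctionName
      Qualifier: $LATEST
      MaximumRetryAttempts: 0         # avoid duplicate pushes on transient retries
      DestinationConfig:
        OnSuccess:
          Destination: !GetAtt PushFunction.Arn
```

Because the delivery is performed by the Lambda service rather than by code running inside the VPC-attached function, the first function needs no route to the internet for this step; it still needs the database connectivity it already has. Two things to check if the push never arrives: the invocation of the first function was synchronous (destinations apply only to asynchronous invocations), or its execution role lacks `lambda:InvokeFunction` on the destination.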