0
votes

I have a VPC containing 2 Lambda functions A & B:

  • A is on 2 public subnets
  • B is on 2 private subnets with an RDS Database instance

The VPC itself has Internet access via the NAT instance. I need a 3rd party API to communicate with B, but B is in a private subnet. Now I was wondering whether API Gateway solves this problem or whether it requires more work.

Thanks in advance


1 Answer

2
votes

If you want the 3rd-party to invoke the Lambda function and pass data to it, then AWS API Gateway is correct for the task. That is exactly what API Gateway is designed to do.

See: Using AWS Lambda with Amazon API Gateway - AWS Lambda

Alternatively, you could use an Elastic Load Balancer and have it invoke the Lambda function.

From: Using AWS Lambda with an Application Load Balancer - AWS Lambda

You also mention that you have an AWS Lambda "on 2 public subnets". AWS Lambda functions should not be configured to connect to public subnets. They should either be configured to use "No VPC" (in which case they can directly access the Internet), or they should be connected to private subnets (and can use a NAT Gateway or NAT Instance to access the Internet if required).

See: Configuring a Lambda function to access resources in a VPC - AWS Lambda:

Connect your function to private subnets to access private resources. If your function needs internet access, use network address translation (NAT). Connecting a function to a public subnet doesn't give it internet access or a public IP address.
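
One way to check for the misconfiguration described above (a function attached to subnets that route to an internet gateway), as an added example that is not part of the original answer. It works on dicts shaped like EC2 DescribeRouteTables and Lambda GetFunctionConfiguration responses; all IDs and the sample data are constructed, and the route tables are assumed to belong to one VPC.

```python
# Added example. Dicts mirror the shape of EC2 DescribeRouteTables and Lambda
# GetFunctionConfiguration responses; every ID below is constructed.
# Assumption: route_tables holds the route tables of a single VPC.

def routes_to_igw(route_table):
    """True if the table has an active route targeting an internet gateway."""
    return any(r.get("GatewayId", "").startswith("igw-")
               and r.get("State", "active") == "active"
               for r in route_table.get("Routes", []))

def table_for_subnet(subnet_id, route_tables):
    """An explicit association wins; otherwise the main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def public_subnets_of(function_config, route_tables):
    """Subnets of the function whose effective route table points at an IGW."""
    subnet_ids = (function_config.get("VpcConfig") or {}).get("SubnetIds", [])
    flagged = []
    for sid in subnet_ids:
        rt = table_for_subnet(sid, route_tables)
        if rt is not None and routes_to_igw(rt):
            flagged.append(sid)
    return flagged

ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-priv1"}, {"SubnetId": "subnet-priv2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-0natexample"}]},
]
FUNCTION_A = {"FunctionName": "A", "VpcConfig": {"SubnetIds": ["subnet-pub1", "subnet-pub2"]}}
FUNCTION_B = {"FunctionName": "B", "VpcConfig": {"SubnetIds": ["subnet-priv1", "subnet-priv2"]}}
FUNCTION_NO_VPC = {"FunctionName": "C"}  # "No VPC": nothing to check

if __name__ == "__main__":
    for fn in (FUNCTION_A, FUNCTION_B, FUNCTION_NO_VPC):
        print(fn["FunctionName"], public_subnets_of(fn, ROUTE_TABLES))
```

Function A's subnets have no explicit route table association, so they inherit the main table and its internet gateway route, which is why they are flagged.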