Unable to connect to AWS/RDS from Lambda

1
votes

I have a Node.js Express app that uses Sequelize to connect to the database. I want to deploy my app on Lambda (with API Gateway) and use an RDS Postgres database (serverless)

I created an RDS instance and a server-less setup. From an EC2 instance, I am able to connect to both the RDS instance and the server-less DB without any issues.

However, when I deploy the same code on Lambda, I am unable to connect to either DB instance. In fact, I do not see any error messages anywhere.

sequelize = new Sequelize(process.env.POSTGRES_DBNAME, process.env.POSTGRES_USERNAME, process.env.POSTGRES_PASSWORD, {
        host: process.env.POSTGRES_HOST,
        dialect: 'postgres',
        logging: false,
        operatorsAliases: false
});

// Test connection
(async function() {
    try {
        console.log('Connecting to: ', process.env.POSTGRES_DBNAME, process.env.POSTGRES_USERNAME, process.env.POSTGRES_PASSWORD, process.env.POSTGRES_HOST);

      await sequelize.authenticate();
      console.log('Connection has been established successfully.');
    } catch (error) {
      console.error('Unable to connect to the database:', error);
    }
})();

I even tried using a MySQL instance with RDS proxy, but it's the same - The test connection part doesn't execute, and neither success nor error messages appear in the logs. I wanted to understand if I am missing something. The DB has been configured to be accessible from outside.

3
amazon-web-servicesaws-lambdaamazon-rds
You're aware of VPC and security groups, yes? I ask because you didn't mention either.jarmod
Yes - They are all in the same VPC and security group. The Inbound rules are configured to allow traffic from everywhere.Nikhil Baliga
OK, so you configured the Lambda to attach to your VPC. What do you mean by "unable to connect to either DB instance"? Do you mean that the connection attempt throws an exception that you print with your console.error code? Does that log make it into CW Logs? What is the error that you've logged? Or do you mean that it timed out?jarmod
I have configured Lambda to attach to my VPC. The problem is that neither of the exceptions are getting printed. In the logs, I can see up to 'Connecting to...' but no error post that.Nikhil Baliga
Which suggests that it timed out (note: CW Logs will show you 'Task timed out after N seconds.'). Do you see that in CW Logs? It means that your network connectivity setup is incorrect. At this point, you're going to have to be more forthcoming about what your vpc/network/sg config looks like. Or review and follow these instructions.jarmod

3 Answers

1
votes

My guess is that you have not configured the Lambda IAM permissions correctly. In order for Lambda to be able to access RDS, you can use the AWSLambdaVPCAccessExecutionRole, for CloudWatch logs to work you can add the AWSLambdaBasicExecutionRole to you Lambda function.

The AWS Lambda developer guide has a tutorial that gives an example of how this can be done. For more details, please read the Configuring a Lambda function to access resources in a VPC chapter in the developer guide.

0
votes

To connect to an Amazon RDS instance from a Lambda function, refer to this Amazon document: How do I configure a Lambda function to connect to an RDS instance?.

0
votes

The problem turned out to be with my express package. My AWS configuration was correct, and replacing the Lambda entry code with vanilla DB connection and printing a list of values worked, but plugging it with the Express code worked. I am not sure what the issue was - I found that upgrading the express version fixed my problem.

Thank you everyone for taking the time out to answer my question.