This question has been asked several times, and I've been reading the answers for the past hours, so I'm going to summarise everything here. To get the connection between RDS and Lambda, the normal steps are:
- Attach the lambda to the same VPC as the database
- Create a security group for the lambda
- Modify / add a security group for the RDS, in which you allow the VPC's security group as inbound providing the connection port.
- Add policy `AWSLambdaVPCAccessExecutionRole` to lambda function
That's supposed to be it; however, it is not working for me. I have checked other possible errors:
- DNS of database not found. Solved by setting an internet gateway for the VPC, checked that the DNS is properly resolved
- Inbound and Outbound rules of the lambda functions. Solved by setting literally all traffic for both directions.
- Outbound rule for DB's security group is set to all traffic and destinations
Note: I can connect to the database via a VPN using another security group, meaning it's not a credential error.
I really don't understand what else I'm missing at this point.
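
The security-group steps listed in the post can be checked offline against saved rule data. The following is an added example, not part of the original post: it evaluates both halves of the Lambda-to-RDS path over dictionaries shaped like EC2 `DescribeSecurityGroups` output. Assumptions: the function names, all group IDs and addresses, and port 5432 are constructed for illustration.

```python
import ipaddress

def rule_admits(rule, port, peer_sg_id, peer_ip):
    """True if one IpPermissions-style rule admits TCP `port` for the peer."""
    proto = rule.get("IpProtocol")
    if proto == "tcp":
        if not rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535):
            return False
    elif proto != "-1":      # "-1" is "all traffic" and carries no port range
        return False
    # Peer matched by security-group reference ...
    if any(p.get("GroupId") == peer_sg_id for p in rule.get("UserIdGroupPairs", [])):
        return True
    # ... or by an IPv4 CIDR that covers the peer's private address.
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in ipaddress.ip_network(r["CidrIp"]) for r in rule.get("IpRanges", []))

def check_path(lambda_sg, rds_sg, port, lambda_ip, rds_ip):
    """Evaluate both halves of the Lambda -> RDS path for one TCP port."""
    return {
        "lambda_egress": any(rule_admits(r, port, rds_sg["GroupId"], rds_ip)
                             for r in lambda_sg.get("IpPermissionsEgress", [])),
        "rds_ingress": any(rule_admits(r, port, lambda_sg["GroupId"], lambda_ip)
                           for r in rds_sg.get("IpPermissions", [])),
    }

# Constructed sample data (all IDs, addresses and the port are made up).
LAMBDA_SG = {"GroupId": "sg-0aaa1111", "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]}
RDS_SG_VPN_ONLY = {"GroupId": "sg-0bbb2222", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0ccc3333"}]}]}   # VPN group only
RDS_SG_FIXED = {"GroupId": "sg-0bbb2222", "IpPermissions": RDS_SG_VPN_ONLY["IpPermissions"] + [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0aaa1111"}]}]}

if __name__ == "__main__":
    for name, sg in (("vpn-only", RDS_SG_VPN_ONLY), ("fixed", RDS_SG_FIXED)):
        print(name, check_path(LAMBDA_SG, sg, 5432, "10.0.1.25", "10.0.2.40"))
```

A `False` under `rds_ingress` while `lambda_egress` is `True` means the database group does not reference the group actually attached to the function's network interfaces.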