
How to configure Lambda to run within VPC

If you want to run AWS Lambda functions within a virtual private cloud (VPC), you’ll need to configure your Lambda function and VPC resources accordingly. This process can be a bit involved, so this guide walks through how to do it.

AWS Lambda

  • Lambda is a serverless service. But what is serverless, and why does it have that name?
  • Serverless does not mean there are no servers. It means customers do not need to manage any servers; the cloud service provider manages them.
  • We can run scheduled jobs with serverless computing, so the code runs only at the scheduled times.
  • Lambda is one of the serverless computing products offered by AWS. Using Lambda, we can run our application at the times we prefer.
  • To run an application, our only responsibility is writing the code. Running the code and managing the servers are taken care of by the cloud provider.
  • Using Lambda is a cost-effective approach: you pay only for what you use.

VPC (virtual private cloud)

  • A VPC lets you run Amazon resources in a virtual network; it is a secure and isolated private cloud hosted within a public cloud.
  • Using a VPC, we can create a private network in a public cloud service.

In this article we add a VPC to an existing Lambda function. This allows the Lambda function to work with private resources that are inside the same VPC.


Add policy to existing lambda function role

  • This provides the minimum permissions a Lambda function needs to execute while accessing a resource within a VPC: create, describe, and delete network interfaces, and write permissions to CloudWatch Logs.
  • Click on your Lambda function → configuration section → click your existing Lambda function role → click Add permissions → Attach policies → search for and select “AWSLambdaVPCAccessExecutionRole” → click Attach policies


Now we have successfully attached the additional policy to our Lambda function's role, so the Lambda function will have permission to access private resources too.

Attach VPC to lambda

Here we select our VPC, along with the subnets and security group that were created under the same VPC.

Go back to the Lambda function and, under the configuration section → click VPC → click Edit → add the appropriate VPC, subnets, and security group → click Save

Here I chose the default VPC and the subnets associated with that VPC. You can choose any manually created VPC.


It will take a few minutes to apply the changes. Wait until a popup message appears: “Successfully updated the function sample”.


We have successfully completed the VPC attachment for the Lambda function. Now we can also create a new version of this function with the required name.

Update Lambda to New Version

Creating a new version is required because we just moved our Lambda function from the public network to the private network.

Click Actions → Publish new version → enter the name for the new version → click Publish


Now we will get a success notification.

We can see our latest version under the version section.

Now our Lambda function runs only inside the VPC, and it can communicate with the other private resources inside the same VPC.
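
The same three steps (attach the policy, attach the VPC, publish a version) can be run from the AWS CLI. The script below is an added example, not part of the original article; it assumes a configured AWS CLI, and the function names `vpcs_of` and `attach_lambda_to_vpc` and the pre-flight check that all subnets and security groups share one VPC are this example's own.

```sh
#!/bin/sh
# Added example: AWS CLI equivalent of the console steps in this article.
# Function, role, subnet and security group names are supplied by the caller.

VPC_POLICY_ARN="arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"

# Print the distinct VPC IDs behind comma-separated subnet and security group IDs.
vpcs_of() {
  {
    # Unquoted on purpose: split the comma list into separate arguments.
    aws ec2 describe-subnets --subnet-ids $(echo "$1" | tr ',' ' ') \
      --query 'Subnets[].VpcId' --output text
    aws ec2 describe-security-groups --group-ids $(echo "$2" | tr ',' ' ') \
      --query 'SecurityGroups[].VpcId' --output text
  } | tr '\t' '\n' | sort -u
}

# usage: attach_lambda_to_vpc FUNCTION ROLE SUBNET_IDS SECURITY_GROUP_IDS
attach_lambda_to_vpc() {
  local fn="$1" role="$2" subnets="$3" sgs="$4" vpcs
  vpcs="$(vpcs_of "$subnets" "$sgs")"
  # Pre-flight: every subnet and security group must sit in one and the same VPC.
  if [ "$(printf '%s\n' "$vpcs" | grep -c .)" -ne 1 ]; then
    echo "expected exactly one VPC, found: ${vpcs:-none}" >&2
    return 1
  fi
  # Step 1: attach the managed policy to the existing execution role.
  aws iam attach-role-policy --role-name "$role" \
    --policy-arn "$VPC_POLICY_ARN" || return 1
  # Step 2: attach the VPC, subnets and security group to the function.
  aws lambda update-function-configuration --function-name "$fn" \
    --vpc-config "SubnetIds=$subnets,SecurityGroupIds=$sgs" >/dev/null || return 1
  # The update is asynchronous, so wait for it to finish before publishing.
  aws lambda wait function-updated --function-name "$fn" || return 1
  # Step 3: publish a new version and print its number.
  aws lambda publish-version --function-name "$fn" \
    --description "Attached to $vpcs" --query 'Version' --output text
}

# Run only when called with all four arguments.
if [ "$#" -eq 4 ]; then
  attach_lambda_to_vpc "$@"
fi
```

Pass the subnet and security group IDs as comma-separated lists; the script prints the number of the newly published version.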

Article written by:

Junior DevOps Engineer, working @ Easydeploy Technologies Pvt Ltd, Coimbatore, with 1 year of experience, and currently doing server configurations by automation using Ansible & building strong AWS resources using Terraform, and creating a containerized application using Docker.
