If you want to run AWS Lambda functions within a virtual private cloud (VPC), you’ll need to configure your Lambda function and VPC resources accordingly. The process is a bit involved, so this guide walks through it step by step.
- Lambda is a serverless service. But what is serverless, and why does it have that name?
- Serverless does not mean there are no servers. It means customers do not need to manage any servers; the cloud service provider manages them.
- We can run scheduled jobs with serverless computing, so the code runs only at the scheduled times.
- Lambda is one of the serverless computing products offered by AWS. Using Lambda, we can run our application at the times we prefer.
- To run an application, our only responsibility is writing the code. Running the code and managing the servers are taken care of by the cloud provider.
- Using Lambda is cost-effective: you pay only for what you use.
VPC (virtual private cloud)
- A VPC lets you run Amazon resources in a virtual network. It is a secure, isolated private cloud hosted within a public cloud.
- Using a VPC, we can create a private network inside a public cloud service.
In this article we add a VPC to an existing Lambda function. This allows the Lambda function to work with private resources that are inside the same VPC.
Add policy to existing Lambda function role
- This policy provides the minimum permissions a Lambda function needs to execute while accessing a resource within a VPC: create, describe and delete network interfaces, and write to CloudWatch Logs.
- Click on your Lambda function → Configuration section → click your existing Lambda function role → click Add permissions → Attach policies → search for and select “AWSLambdaVPCAccessExecutionRole” → click Attach policies
We have now attached the additional policy to the Lambda function's role, so the function has permission to access private resources too.
Attach VPC to lambda
Here we select our VPC, along with the subnets and security group that were created under the same VPC.
Go back to the Lambda function and, under the Configuration section → click VPC → click Edit → add the appropriate VPC, subnets and security group → click Save
The update takes a few minutes. Wait until the pop-up message “Successfully updated the function sample” appears.
We have successfully completed the VPC attachment for the Lambda function. Now we can also create a new version of this function with the required name.
Update Lambda to New Version
Creating a new version is required because we have just moved our Lambda function from the public network to the private network.
Click Actions → Publish new version → enter the name for the new version → click Publish
Now we will get success notification.
Now our Lambda function will run only inside the VPC, and it can communicate with any other private resources inside the same VPC.
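A check for the requirements above, added here as an example and not part of the original guide: it confirms that the function's subnets and security group belong to the attached VPC, that the role carries AWSLambdaVPCAccessExecutionRole, and that the update has finished before a version is published. The function name preflight and all resource IDs are assumptions; the input dictionaries follow the JSON returned by aws lambda get-function-configuration, aws ec2 describe-subnets, aws ec2 describe-security-groups and aws iam list-attached-role-policies.

```python
# Managed policy the article attaches to the function's execution role.
VPC_POLICY_ARN = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"


def preflight(function_cfg, subnets, security_groups, attached_policies):
    """Return a list of problems; an empty list means the function is ready to publish."""
    vpc = function_cfg.get("VpcConfig") or {}
    vpc_id = vpc.get("VpcId")
    if not vpc_id:  # VpcConfig is missing or has an empty VpcId when no VPC is attached
        return ["function has no VPC attached"]
    problems = []
    # Map every known subnet and security group to the VPC that owns it.
    owner = {s["SubnetId"]: s["VpcId"] for s in subnets["Subnets"]}
    owner.update({g["GroupId"]: g["VpcId"] for g in security_groups["SecurityGroups"]})
    for res in vpc.get("SubnetIds", []) + vpc.get("SecurityGroupIds", []):
        if owner.get(res) != vpc_id:
            problems.append(f"{res} is not in {vpc_id} (found {owner.get(res)})")
    # Only the managed policy used in this guide is recognised; equivalent
    # inline or custom policies are not inspected (assumption of this example).
    arns = {p["PolicyArn"] for p in attached_policies["AttachedPolicies"]}
    if VPC_POLICY_ARN not in arns:
        problems.append("execution role lacks AWSLambdaVPCAccessExecutionRole")
    # Publishing should wait until the configuration update has completed.
    status = function_cfg.get("LastUpdateStatus")
    if status != "Successful":
        problems.append(f"update not finished: {status}")
    return problems


# Constructed sample data (made-up IDs), shaped like the AWS CLI JSON output.
SAMPLE_FUNCTION = {
    "FunctionName": "sample",
    "LastUpdateStatus": "Successful",
    "VpcConfig": {"VpcId": "vpc-0aaa", "SubnetIds": ["subnet-0a1", "subnet-0b2"],
                  "SecurityGroupIds": ["sg-0c3"]},
}
SAMPLE_SUBNETS = {"Subnets": [{"SubnetId": "subnet-0a1", "VpcId": "vpc-0aaa"},
                              {"SubnetId": "subnet-0b2", "VpcId": "vpc-0aaa"}]}
# The security group deliberately belongs to a different VPC.
SAMPLE_GROUPS = {"SecurityGroups": [{"GroupId": "sg-0c3", "VpcId": "vpc-0bbb"}]}
# The role deliberately has only the basic execution policy.
SAMPLE_POLICIES = {"AttachedPolicies": [{
    "PolicyName": "AWSLambdaBasicExecutionRole",
    "PolicyArn": "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"}]}

if __name__ == "__main__":
    for problem in preflight(SAMPLE_FUNCTION, SAMPLE_SUBNETS, SAMPLE_GROUPS, SAMPLE_POLICIES):
        print("FAIL:", problem)
```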