AWS Lambda与SQS的连接超时 [英] AWS Lambda connection to SQS timed out

问题描述

我正在执行一项涉及 Lambda函数 在VPC内运行的任务.

I am working on an task which involves Lambda function running inside VPC.

该功能应该将消息推送到 SQS ，并且lambda执行角色具有以下策略:添加了 AWSLambdaSQSQueueExecutionRole 和 AWSLambdaVPCAccessExecutionRole .

This function is supposed to push messages to SQS and lambda execution role has policies : AWSLambdaSQSQueueExecutionRole and AWSLambdaVPCAccessExecutionRole added.

Lambda函数:

# Create SQS client
sqs = boto3.client('sqs')

queue_url = 'https://sqs.ap-east-1a.amazonaws.com/073x08xx43xx37/xyz-queue'

# Send message to SQS queue
response = sqs.send_message(
    QueueUrl=queue_url,
    DelaySeconds=10,
    MessageAttributes={
        'Title': {
            'DataType': 'String',
            'StringValue': 'Tes1'
        },
        'Author': {
            'DataType': 'String',
            'StringValue': 'Test2'
        },
        'WeeksOn': {
            'DataType': 'Number',
            'StringValue': '1'
        }
    },
    MessageBody=(
        'Testing'
     )
)

print(response['MessageId'])

测试执行结果为:

{
  "errorMessage": "2020-07-24T12:12:15.924Z f8e794fc-59ba-43bd-8fee-57f417fa50c9 Task timed out after 3.00 seconds"
}

我将超时"从基本设置"增加到5秒&10秒.但是错误不断出现.

I increased the Timeout from Basic Settings to 5 seconds & 10 seconds as well. But the error kept coming.

如果任何人过去曾经遇到过类似的问题，或者有解决此问题的想法，请帮助我.

If anyone has faced similar issue in past or is having an idea how to get this resolved, Please help me out.

提前谢谢您.

推荐答案

将AWS Lambda函数配置为使用Amazon VPC时，它将连接到VPC的指定子网.这允许Lambda函数与VPC内部的其他资源进行通信.但是，它无法与Internet通信.这是一个问题，因为Amazon SQS公共端点位于Internet上，并且该功能由于无法访问Internet而超时.

When an AWS Lambda function is configured to use an Amazon VPC, it connects to a nominated subnet of the VPC. This allows the Lambda function to communicate with other resources inside the VPC. However, it cannot communicate with the Internet. This is a problem because the Amazon SQS public endpoint lives on the Internet and the function is timing-out because it is unable to reach the Internet.

因此，您有3个选择:

选项1:请勿连接到VPC

如果您的Lambda函数不需要与VPC中的资源进行通信(例如上面提供的简单函数)，只需不要将其连接到VPC .当Lambda函数未 连接到VPC时，它可以与Internet和Amazon SQS公共端点进行通信.

If your Lambda function does not need to communicate with a resource in the VPC (such as the simple function you have provided above), simply do not connect it to the VPC. When a Lambda function is not connected to a VPC, it can communicate with the Internet and the Amazon SQS public endpoint.

选项2:使用VPC端点

VPC端点提供了一种无需通过Internet即可访问AWS服务的方法.您将为Amazon SQS配置 VPC端点.然后，当Lambda函数希望与SQS队列连接时，它可以通过端点而不是通过Internet访问SQS.如果Lambda函数需要与VPC中的其他资源进行通信，通常这是一个不错的选择.

A VPC Endpoint provides a means of accessing an AWS service without going via the Internet. You would configure a VPC endpoint for Amazon SQS. Then, when the Lambda function wishes to connect with the SQS queue, it can access SQS via the endpoint rather than via the Internet. This is normally a good option if the Lambda function needs to communicate with other resources in the VPC.

选项3:使用NAT网关

如果Lambda功能配置为使用私有子网，则在公共子网中已配置 NAT网关和私有子网点的路由表的情况下，它将能够访问Internet.到NAT网关.这涉及额外的费用，并且只有在额外需要NAT网关的情况下才值得.

If the Lambda function is configured to use a private subnet, it will be able to access the Internet if a NAT Gateway has been provisioned in a public subnet and the Route Table for the private subnet points to the NAT Gateway. This involves extra expense and is only worthwhile if there is an additional need for a NAT Gateway.

这篇关于AWS Lambda与SQS的连接超时的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！