AWS Lambda:无法通过具有VPC访问权限的Lambda函数访问SQS队列 [英] AWS Lambda: Unable to access SQS Queue from a Lambda function with VPC access

问题描述

我有一个Lambda函数，需要使用它的URL从SQS队列中读取消息.然后，需要将这些数据插入运行在VPC内的服务器上的Cassandra中.

I have a Lambda function that needs to read messages from an SQS queue using it's URL. Then it needs to insert that data to Cassandra running on a server inside a VPC.

我可以通过Lambda函数使用其私有IP并正确配置安全组来访问Cassandra服务器.

I am able to access the Cassandra server from my Lambda function, using it's private IP and configuring the security groups correctly.

但是，我无法从SQS队列中读取消息.当我将Lambda函数的配置更改为 No VPC 时，便能够从SQS队列中读取消息.但是，使用VPC设置，它只是超时.

However, I am not able to read messages from the SQS Queue. When I change the configuration of Lambda function to No VPC, then I am able to read the messages from the SQS Queue. However, with VPC settings, it just times out.

我该如何克服呢?我检查了我的Lambda函数的安全组是否具有对所有IP地址的完全出站访问权限.

How can I overcome this ? I have checked the security group of my Lambda function has full outbound access to all IP addresses.

推荐答案

某些服务(例如S3)正在提供VPC端点来解决此特定问题，但SQS并不是其中之一.我认为，解决此问题的唯一真正方法是在VPC内运行NAT，以便可以将Lambda函数的网络流量路由到外界.

Some services (e.g. S3) are offering VPC endpoints to solve this particular problem but SQS is not one of them. I think the only real solution to this problem is to run a NAT inside your VPC so the network traffic from the Lambda function can be routed to the outside world.

这篇关于AWS Lambda:无法通过具有VPC访问权限的Lambda函数访问SQS队列的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！