AWS Lambda函数无法连接到互联网 [英] AWS lambda function can't reach the internet
本文介绍了AWS Lambda函数无法连接到互联网的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在运行一个lambda函数,我想同时访问私有数据库服务器和Internet.我可以正常访问数据库,但无法访问互联网.
I am running a lambda function that I would like to access both a private database server and the internet. I can reach the database just fine, but I am not able to reach the internet.
设置:
VPC (10.0.0.0/16)
Public-Subnet (10.0.0.0/24)
NAT-Security-Group (see security groups below)
NAT-Server (AMI NAT instance)
Private-Subnet-1 (10.0.1.0/24) & Private-Subnet-2 (10.0.2.0/24)
DB-Security-Group (see security groups below)
DB-Server (RDS PostgreSQL instance)
Lambda-Security-Group (see security groups below)
Lambda-Function
安全组为:
NAT-Security-Group
Inbound:
HTTP & HTTPS from source: Lambda-Security-Group
SSH from 0.0.0.0/0
Outbound:
All traffic
DB-Security-Group
Inbound:
PostgreSQL from source: Lambda-Security-Group
Outbound:
All traffic
Lambda-Security-Group
Inbound:
HTTP & HTTPS from source: NAT-Security-Group
Outbound:
All traffic
子网的路由表为:
Public-Subnet:
10.0.0.0/16 local
0.0.0.0/0 Internet-Gateway
Private-Subnet-1 & Private-Subnet-2
10.0.0.0/16 local
0.0.0.0/0 NAT-Server
我在这里不知所措.为什么lambda函数无法连接到互联网(连接超时错误)?
I'm at a loss here. Why can't the lambda function reach the internet (connection timeout errors)?
推荐答案
问题在于安全组的入站/出站规则.通过上面的配置,我更新了安全组以匹配:
The issue was with the inbound/outbound rules for the security groups. With the configuration above, I updated the security groups to match:
NAT-Security-Group
Inbound:
HTTP & HTTPS from source: Lambda-Security-Group
SSH from source: 0.0.0.0/0
Outbound:
HTTP & HTTPS to destination: 0.0.0.0/0
DB-Security-Group
Inbound:
PostgreSQL from source: Lambda-Security-Group
Outbound:
None
Lambda-Security-Group
Inbound:
None
Outbound:
HTTP & HTTP to destination: NAT-Security-Group
PostgreSQL to source: DB-Security-Group
Lambda函数现在具有Internet连接.
The Lambda function now has internet connectivity.
这篇关于AWS Lambda函数无法连接到互联网的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文