为什么我的Lambda无法访问互联网? [英] Why is my Lambda unable to access the internet?
问题描述
我有一个Lambda函数,可以从API网关或ALB请求中触发.我也有一个RDS Aurora PostgreSQL实例,它们都在VPC内运行.
I have a Lambda function which can be triggered from an API gateway or ALB request. I also have an RDS Aurora PostgreSQL instance, both of which are running within a VPC.
我可以从Lambda连接到RDS实例,但是我无法访问互联网,例如尝试触发对 https://jsonplaceholder.typicode.com/todos/1 的请求会导致超时.
I'm able to connect to the RDS instance from the Lambda just fine, however I can't access the internet, e.g. attempting to fire off a request to https://jsonplaceholder.typicode.com/todos/1 will cause a timeout.
我也无法使用SQL客户端(例如DBeaver)连接到远程数据库.
I also can't connect to the remote database using a SQL client such as DBeaver.
以下是一些详细信息,如果您还有其他需要,请告诉我.我很困惑.
Here's some detail below but let me know if you need anything else. I'm stumped.
Lambda入站规则
Security group ID Ports Source
sg-0f2c4426c8fc85235 80 0.0.0.0/0
sg-0f2c4426c8fc85235 5432 0.0.0.0/0
sg-0f2c4426c8fc85235 All sg-0f2c4426c8fc85235
sg-0f2c4426c8fc85235 22 0.0.0.0/0
sg-0f2c4426c8fc85235 443 0.0.0.0/0
Lambda出站规则
Security group ID Ports Destination
sg-0f2c4426c8fc85235 All 0.0.0.0/0
RDS连接
VPC
公共子网
私有子网
编辑
Nat网关(与公共子网关联)
路由表
路由表路由
编辑2
Lambda子网
推荐答案
Lambda函数应该仅连接到专用子网.
The Lambda function should only be connected to a private subnet.
这使Internet绑定流量可以路由到公共子网中的NAT网关.
This enables Internet-bound traffic to be routed to the NAT Gateway in the public subnet.
如果Lambda功能连接到公共子网,它将无法访问Internet.
If the Lambda function connects to the public subnet, it will be unable to reach the Internet.
这篇关于为什么我的Lambda无法访问互联网?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!