My Lambda accesses resources on my VPC so as instructed in the documentation I've given the Lambda a role to create network interfaces. I was under the assumption that the
The official line from AWS (via their docs and a support ticket) is to use the AWS-managed policy AWSLambdaVPCAccessExecutionRole.
Excerpt from a private support ticket:
The role you are using in your Lambda function has an attached policy "AWSLambdaVPCAccessExecutionRole", which is an AWS managed policy for VPC-enabled Lambda functions. This policy contains all needed permissions and may be updated in future if new permissions are needed due to updates to the service.
It is also worth noting that it can sometimes take several hours for detached ENIs to be reaped.