Setting up AWS Lambda Internet access in VPC mode
Setting up AWS Lambda Internet access in VPC mode is tricky, as no proper AWS documentation is provided on the AWS side. I did read this article many times, https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/, but did not watch the YouTube video. After so much R&D, I can summarise the steps needed to set up AWS Lambda in VPC mode as below:
- Create two route tables:
  - One for EC2: EC2_ROUTER
  - Another for AWS Lambda: AWS_Lambda_ROUTER
- Create an Internet Gateway.
- Add a 0.0.0.0/0 route in EC2_ROUTER with target igw-xxxxx.
  - This makes the subnet associated with EC2_ROUTER a public subnet and gives the EC2 instances in it Internet access.
- Create a NAT Gateway in the public subnet (the one whose route table has igw-xxxxx as the 0.0.0.0/0 target).
- Create a private subnet and associate it with AWS_Lambda_ROUTER, which has a 0.0.0.0/0 route with target nat-xxxxxxx.
- In the Lambda function's VPC settings, select the VPC.
- Select one or all of the private subnets, i.e. the subnets whose route table sends all traffic (0.0.0.0/0) to the NAT Gateway.
All done; go ahead and enjoy.
Note
- A NAT Gateway is required only when the function needs to reach public APIs other than AWS services.
- There are VPC endpoints for internal AWS services, and one can attach AWS endpoints to AWS_Lambda_ROUTER by creating
Internet access for AWS Lambda -> private subnet with a 0.0.0.0/0 route to the NAT Gateway -> NAT Gateway in a public subnet with a 0.0.0.0/0 route to the Internet Gateway, which is what gives AWS Lambda its Internet access.
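The routing chain above is easy to get subtly wrong (for example, putting the NAT Gateway in a subnet that is not actually public), so here is an added offline check, not part of the original post, that validates it against route-table and NAT-gateway records. It assumes data shaped like the output of the AWS CLI's `describe-route-tables` and `describe-nat-gateways`; the records and ids below are constructed placeholders.

```python
# Offline check of the topology described above. The data below is CONSTRUCTED
# to look like `aws ec2 describe-route-tables` / `describe-nat-gateways` output;
# ids such as igw-xxxxx / nat-xxxxxxx are placeholders, not real resources.
ROUTE_TABLES = [
    {"RouteTableId": "EC2_ROUTER", "Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-xxxxx"}]},
    {"RouteTableId": "AWS_Lambda_ROUTER", "Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-xxxxxxx"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-xxxxxxx", "SubnetId": "subnet-public",
                 "State": "available"}]

def route_table_for(subnet_id, route_tables):
    """Explicitly associated route table, or None (implicit main-table association)."""
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt["Associations"]):
            return rt
    return None

def default_route(rt):
    """The 0.0.0.0/0 route of a route table, or None if there is none."""
    return next((r for r in rt["Routes"] if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)

def check_lambda_subnet(subnet_id, route_tables, nat_gateways):
    """Return a list of problems; an empty list means the subnet matches the recipe."""
    rt = route_table_for(subnet_id, route_tables)
    if rt is None:
        return [f"{subnet_id}: no explicit route table association (uses the main table)"]
    dr = default_route(rt)
    if dr is None:
        return [f"{rt['RouteTableId']}: no 0.0.0.0/0 route, so the function has no egress"]
    if dr.get("GatewayId", "").startswith("igw-"):
        # An IGW only forwards traffic for ENIs that have a public IP; the ENIs
        # Lambda places in a subnet get private IPs only, so they need a NAT.
        return [f"{rt['RouteTableId']}: 0.0.0.0/0 points at an Internet Gateway; Lambda needs a NAT Gateway"]
    nat_id = dr.get("NatGatewayId")
    nat = next((n for n in nat_gateways if n["NatGatewayId"] == nat_id), None)
    if nat is None or nat["State"] != "available":
        return [f"{rt['RouteTableId']}: 0.0.0.0/0 target {nat_id!r} is not an available NAT Gateway"]
    # The NAT Gateway itself must sit in a public subnet: its route table's
    # 0.0.0.0/0 route must target an Internet Gateway.
    nat_rt = route_table_for(nat["SubnetId"], route_tables)
    nat_dr = default_route(nat_rt) if nat_rt else None
    if nat_dr is None or not nat_dr.get("GatewayId", "").startswith("igw-"):
        return [f"{nat_id} is in {nat['SubnetId']}, which has no 0.0.0.0/0 -> igw route (not public)"]
    return []
```

With real data, feed the `RouteTables` and `NatGateways` lists from the CLI or boto3 into `check_lambda_subnet` for each subnet selected in the function's VPC settings.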
PS
I have no idea why AWS Lambda cannot have Internet access via an Internet Gateway and why it needs a NAT Gateway.