I have a Lambda function in my VPC, and I want to access an S3 bucket.
I have set the S3 VPC endpoint correctly, I think,
because I created an EC2 instance in the sa
Even though they're in the same VPC, EC2 and Lambda are still different environments within AWS. Being able to run your code in one and not the other implies that your code is fine and works, so it's likely to be a configuration issue with AWS.
Have you checked the service/execution role that the lambda is using?
You need to ensure that the IAM role that it's using is allowed the correct level of S3 access.
This documentation on execution roles for Lambda might provide a useful jumping-off point: https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html#lambda-intro-execution-role
An IAM policy like this would give whatever execution role you use read-only access to all your S3 buckets, and happens to be one of the AWS managed policies.
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:Get*",
        "s3:List*"
      ],
      "Resource": "*"
    }
  ]
}
```
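To see what a role would actually be granted before attaching a policy, here is an added example (not part of the answer above and not AWS code) that evaluates an action/resource pair against the read-only policy quoted above and against a bucket-scoped, least-privilege variant. The evaluator is a deliberate simplification of IAM's logic and the bucket name `example-bucket` is a placeholder; both are assumptions for the demo.

```python
import fnmatch
import json

# The read-only policy quoted in the answer above (same shape as the AWS managed policy).
READ_ONLY_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": "*"}
  ]
}""")

# A least-privilege variant scoped to one bucket (constructed example; bucket name is a placeholder).
SCOPED_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::example-bucket"},
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}
  ]
}""")

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def _matches(patterns, value, ignore_case):
    """IAM-style wildcard match: '*' and '?' are honoured; action names are case-insensitive."""
    if ignore_case:
        value = value.lower()
        patterns = [p.lower() for p in patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)

def is_allowed(policy, action, resource):
    """Simplified evaluation of a single identity policy: an explicit Deny wins,
    otherwise any matching Allow grants, otherwise the request is implicitly denied.
    Conditions, NotAction/NotResource, bucket policies and SCPs are not modelled."""
    allowed = False
    for stmt in policy["Statement"]:
        if not _matches(_as_list(stmt["Action"]), action, ignore_case=True):
            continue
        if not _matches(_as_list(stmt.get("Resource", "*")), resource, ignore_case=False):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed

if __name__ == "__main__":
    for name, policy in (("read-only", READ_ONLY_POLICY), ("scoped", SCOPED_POLICY)):
        for action, resource in (("s3:GetObject", "arn:aws:s3:::example-bucket/report.csv"),
                                 ("s3:GetObject", "arn:aws:s3:::other-bucket/report.csv"),
                                 ("s3:PutObject", "arn:aws:s3:::example-bucket/report.csv")):
            print(name, action, resource, "->", is_allowed(policy, action, resource))
```

The scoped policy shows the trade-off the answer's `"Resource": "*"` hides: the function can still read its own bucket, but a read of any other bucket in the account falls through to an implicit deny.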