9

I'm trying to insert records into a Postgres database in RDS from a Lambda function. My Node.js lambda function works correctly when run locally, but the database connection times out when run in AWS.

I've read several articles and tutorials which suggest that AWS Lambda functions cannot access RDS instances that are within a VPC. For example: http://ashiina.github.io/2015/01/amazon-lambda-first-impression/

Unfortunately, it seems I am unable to create an RDS instance that exists outside of a VPC. At this dropdown I would expect to be able to select an option for "No VPC" or something along those lines.

Has this option been removed? Perhaps I have missed a step?

sudoNebula

3 Answers

13

You can create a publicly accessible RDS instance. Then you should be able to access it from anywhere, inside or outside AWS. I believe that would get around your issue with Lambda. You are asked if the instance needs to be publicly accessible when you create a new RDS instance via the web console.

Or you could just wait a few weeks, as Lambda within a VPC is supposed to be enabled "later this year".

Edit: Note that newer Amazon accounts are restricted to VPC-only resources. You can't create EC2 or RDS instances outside of a VPC anymore. That's why you don't see the "No VPC" option anymore.

Second Edit: VPC access for Lambda functions is now generally available.

Mark B
  • Thank you for the link. Unfortunately the instance my connections are timing out on is indeed set to be publicly accessible. Disappointing to hear that newer AWS accounts can't create non VPC RDS instances (although perhaps that's for the best). I think at this point I'll look into using an EC2 instance to host my scripts instead of Lambda and revisit this problem after the end of the year, or whenever Lambda gains VPC support. – sudoNebula Dec 10 '15 at 21:38
  • If it is publicly accessible and you still can't connect, then it is probably because your RDS security group is locked down. You will need to open it up to all AWS IP addresses http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html – Mark B Dec 10 '15 at 22:03
0

This question is from a while back, but for those of you who are using MySQL, you can now connect AWS Lambda with Aurora Serverless without a VPC, utilizing their new Data API. Take a look at this example for details: https://coderecipe.ai/architectures/77374273

roeland
hotday
0

Making a database publicly accessible is not a good practice. Instead, you can create a VPC interface endpoint (https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc-endpoints.html) and leverage it when creating a Lambda function.

This YT video describes nicely what it takes to configure it: https://www.youtube.com/watch?v=beV1AYyhgYA&ab_channel=DigitalCloudTraining

In the vid, Lambda creates the VPC endpoint for you (after you grant it the necessary permission), but note that it is possible to re-use an existing VPC endpoint in your AWS account.

The VPC endpoint is an interface in your VPC that enables Lambda to communicate with your private resources using their private IP. You need to place the endpoint into your VPC subnets and attach appropriate security groups that allow traffic to your desired database instance.

milieere
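The security group point raised in the answers above (ingress to the database scoped to the function rather than opened to the world), as an added example that is not part of any answer on this page: an offline Node.js check over rule objects shaped like EC2 `DescribeSecurityGroups` output. The function names, group IDs and sample rules are constructed for illustration.

```javascript
// Added example: audit a DB security group's ingress rules offline.
// Field names (IpPermissions, IpRanges, Ipv6Ranges, UserIdGroupPairs) follow
// EC2 DescribeSecurityGroups output; every ID and CIDR below is constructed.
const DB_PORT = 5432; // Postgres default, the engine in the question
const LAMBDA_SG = 'sg-0aaa0000000000001'; // constructed: the function's security group

// True when an ingress permission applies to the given TCP port.
function coversPort(perm, port) {
  if (perm.IpProtocol === '-1') return true; // "all traffic" rule
  if (perm.IpProtocol !== 'tcp') return false;
  return perm.FromPort <= port && port <= perm.ToPort;
}

// Reports world-open CIDRs on the DB port and whether the Lambda SG is allowed.
function auditDbIngress(dbGroup, lambdaGroupId, port = DB_PORT) {
  const findings = { worldOpen: [], otherCidrs: [], lambdaAllowed: false };
  for (const perm of dbGroup.IpPermissions || []) {
    if (!coversPort(perm, port)) continue; // rules for other ports are out of scope
    const cidrs = [
      ...(perm.IpRanges || []).map((r) => r.CidrIp),
      ...(perm.Ipv6Ranges || []).map((r) => r.CidrIpv6),
    ];
    for (const cidr of cidrs) {
      if (cidr === '0.0.0.0/0' || cidr === '::/0') findings.worldOpen.push(cidr);
      else findings.otherCidrs.push(cidr);
    }
    if ((perm.UserIdGroupPairs || []).some((p) => p.GroupId === lambdaGroupId)) {
      findings.lambdaAllowed = true;
    }
  }
  findings.ok = findings.lambdaAllowed && findings.worldOpen.length === 0;
  return findings;
}

// Constructed sample: database port open to every address.
const openGroup = { GroupId: 'sg-0bbb0000000000001', IpPermissions: [
  { IpProtocol: 'tcp', FromPort: 5432, ToPort: 5432,
    IpRanges: [{ CidrIp: '0.0.0.0/0' }], Ipv6Ranges: [], UserIdGroupPairs: [] },
] };
// Constructed sample: database port reachable only from the Lambda security group.
const scopedGroup = { GroupId: 'sg-0bbb0000000000002', IpPermissions: [
  { IpProtocol: 'tcp', FromPort: 5432, ToPort: 5432, IpRanges: [], Ipv6Ranges: [],
    UserIdGroupPairs: [{ GroupId: LAMBDA_SG }] },
  { IpProtocol: 'tcp', FromPort: 22, ToPort: 22,
    IpRanges: [{ CidrIp: '0.0.0.0/0' }], Ipv6Ranges: [], UserIdGroupPairs: [] },
] };

console.log(auditDbIngress(openGroup, LAMBDA_SG));
console.log(auditDbIngress(scopedGroup, LAMBDA_SG));
```

The port 22 rule in the second sample is ignored by design, since the audit only looks at rules that cover the database port.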