0

If my design involves a Neptune cluster in a VPC in a private subnet and a lambda running in the same VPC subnet, can this be triggered using API Gateway/S3 events without using the NAT Gateway?

The idea is to have 2 separate lambdas - one for bulk loading data into Neptune using S3 event triggers, the other lambda triggered by API Gateway to query Neptune. I also have an S3 VPC endpoint set up for loading data into Neptune.

Is there any use for a NAT Gateway in this design? Can the Lambda send responses back to the API Gateway without routing through NAT?

John Rotenstein
tantan

1 Answer

3

While your Lambda function is in a VPC, this does not impact how the Lambda function is invoked.

Therefore, Amazon S3 can trigger your Lambda function when an object is created. Your Lambda function will then run in the VPC and communicate with Neptune.

You do not require a NAT Gateway since the Lambda function is being triggered outside your VPC.

John Rotenstein
  • Thanks. I was also trying to understand how the Lambda sends the response back to the API Gateway without using the NAT. (Tried this via console - and it worked without invoking the NAT.) Do you happen to know how that works? – tantan Jul 01 '20 at 06:21
  • The Lambda function uses `return` to pass the response back to the AWS Lambda service, which will forward it to API Gateway. It happens in the back-end, not in the VPC. – John Rotenstein Jul 01 '20 at 06:28
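
One way to check the design above for a NAT dependency, as an added example that is not part of the original question or answer: list only the connections opened from inside the VPC (invocation and the `return` path go through the Lambda service and are not VPC traffic) and resolve each against the private subnet's route table by longest-prefix match. All CIDRs, IPs and IDs are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress

# Constructed route table for the private subnet (IDs and CIDRs are made up).
# An S3 gateway endpoint shows up as a route whose destination is the S3 prefix list.
S3_PREFIX_LIST = ["52.216.0.0/15"]  # constructed stand-in for the regional S3 prefix list
ROUTES = [
    {"dest": ["10.0.0.0/16"], "target": "local"},
    {"dest": S3_PREFIX_LIST, "target": "vpce-EXAMPLE-s3"},
]

# Connections opened from inside the VPC in this design (constructed addresses).
# Lambda invocation and the returned response are deliberately absent.
DEPENDENCIES = {
    "neptune-cluster-endpoint": "10.0.12.34",  # private IP in the same VPC
    "s3-bulk-load-source": "52.216.10.20",     # reached through the S3 endpoint
}

def resolve(ip, routes):
    """Return the target of the longest-prefix route matching ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for route in routes:
        for cidr in route["dest"]:
            net = ipaddress.ip_network(cidr)
            if addr in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, route["target"])
    return best[1] if best else None

def audit(dependencies, routes):
    """Map each dependency to its route target; None means no route exists."""
    return {name: resolve(ip, routes) for name, ip in dependencies.items()}

def needs_nat(dependencies, routes):
    """True if any dependency has no route or resolves to a NAT gateway."""
    return any(t is None or t.startswith("nat-")
               for t in audit(dependencies, routes).values())

if __name__ == "__main__":
    for name, target in audit(DEPENDENCIES, ROUTES).items():
        print(f"{name:28} -> {target}")
    print("NAT needed:", needs_nat(DEPENDENCIES, ROUTES))
    # An arbitrary internet address has no route: the subnet has no egress path.
    print("internet address ->", resolve("93.184.216.34", ROUTES))
```

If a function later calls a public API or an AWS service that has no VPC endpoint in the subnet, that dependency resolves to no route and the check flips to true.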