0

Currently i'm working on app that collects data and processes them. All data collection is handled by AWS Lambda.First lambda get data from APIs, data is processed and sent to SQS. Everything works fine, but unfortunately NAT costs are higher than expected. Lambda downloads around 10TB monthly (I'm planning to increase that number), so i'm charged about 500$ monthly just for NAT traffic. Other services don't use NAT. Is there any NAT alternative or way to reduce costs? What i thought about is to replace SQS with ElasticCache in private subnet, but that's 'just' 3 TB of traffic less.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
Czefrej
  • 3
  • 2
  • Have you tried routing traffic through SQS interface VPC endpoint? – jellycsc Oct 10 '20 at 16:24
  • @jellycsc not yet. I will give it a try ASAP. Thanks! – Czefrej Oct 10 '20 at 16:28
  • Why do you even use VPC if you only use AWS Lambda and SQS? – Dunedan Oct 10 '20 at 16:45
  • @Dunedan i have also 3 ec2 servers, ElasticCache server and RDS. – Czefrej Oct 10 '20 at 16:51
  • @Dunedan well, tbh i thought VPC is required for every service in AWS, and if none is selected it is launched to default one. – Czefrej Oct 10 '20 at 16:54
  • @Czefrej Please **edit your question** to provide more information about what the Lambda function is doing. For example, is it communicating the ElastiCache and the RDS database? Or is it only communicating with the Internet? Please provide LOTS of information so that we can provide the most appropriate answer. – John Rotenstein Oct 11 '20 at 00:25

1 Answers1

0

If an AWS Lambda function is connected to a VPC, it can communicate with resources in the VPC. For example, it might need to connect to an Amazon RDS database in the VPC.

To access the Internet, the Lambda function would need to be connected to a private subnet and then communicate with the Internet via a NAT Gateway or NAT Instance. (A NAT Instance is cheaper than a NAT Gateway, but is less reliable.)

However, if the Lambda function does not require access to resources inside the VPC, then do not associate a VPC with the Lambda function. This will provide direct access to the Internet.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470