0

We have a Lambda connected to Kinesis that sends data to a WebSocket connection via API Gateway. The Lambda sits in the VPC and there is also a VPC Endpoint to the service: com.amazon.us-east-1.execute-api.

The problem is that the call (from the Lambda) times out when performing a REST operation on

https://{apigatewayid}.execute-api.us-east-1.amazonaws.com/{stage}/@connections/{connection id}. The host {apigatewayid}.execute-api.us-east-1.amazonaws.com gets resolved to a private IP address like 10.0.11.22.

Is there a way to make it work with VPC Endpoint?

Thanks!

John Rotenstein
marcino239

1 Answer

0

AWS Lambda functions in a VPC will never have a public IP address. This means they either need a route to a NAT Gateway to access things outside the VPC, or a route to a VPC endpoint for the specific non-VPC AWS services they need to access. In your case an API Gateway Private Endpoint would be appropriate.

Mark B
  • Hey @mark-b - thanks vm for this link, however it requires a private ApiGateway though. Would you know what the VPC structure should be if ApiGateway is public? Thanks! – marcino239 Oct 06 '21 at 22:46
  • Does your Lambda really need to be in the VPC? If so, I think you may have to configure it to be in private subnets with routes to a NAT Gateway. – Mark B Oct 07 '21 at 12:26
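
A check that can be run from inside the function to see which of the two routes discussed above (VPC endpoint or NAT Gateway) the `@connections` call will take, based on what the host resolves to. This is an added example, not code from the question or the answer; the VPC CIDR `10.0.0.0/16`, the public sample address and the function names are assumptions.

```python
import ipaddress
import socket


def resolve(host, port=443):
    """Return the distinct IP addresses the VPC resolver hands back for host."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def egress_path(addresses, vpc_cidr):
    """Classify where traffic to these addresses goes from inside the VPC.

    'vpc-endpoint': every address lies inside the VPC CIDR, i.e. the name
                    resolves to network interfaces within the VPC
    'internet':     every address is public, so the subnet needs a route
                    to a NAT Gateway
    'mixed':        the answer contains more than one kind of address
    'unknown':      nothing resolved, or a non-public address outside the VPC
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    kinds = set()
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if ip.version == vpc.version and ip in vpc:
            kinds.add("vpc-endpoint")
        elif ip.is_global:
            kinds.add("internet")
        else:
            kinds.add("unknown")
    if len(kinds) == 1:
        return kinds.pop()
    return "mixed" if kinds else "unknown"


if __name__ == "__main__":
    # Constructed input: the private address quoted in the question and an
    # assumed VPC CIDR (the page does not state the real one).
    print(egress_path(["10.0.11.22"], "10.0.0.0/16"))
    # Inside the Lambda, pass the real host instead:
    # print(egress_path(resolve("<api-id>.execute-api.us-east-1.amazonaws.com"),
    #                   "<vpc-cidr>"))
```
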