
I have a VPC with two private subnets in two different AZs, and I am trying to create a VPC Endpoint for connecting Lambda to my database in one of the private subnets.

But I also need SNS for sending messages to users based on my Lambda function.

Do I need to create another endpoint for SNS in that subnet, or can I attach multiple services to the same endpoint?

I know a NAT gateway is an option, but it is more costly than endpoints.

Please suggest the best way to do this.

Thanks, Monika

John Rotenstein
Monika
  • This doesn't sound like a programming question, and StackOverflow is for programming questions only. Maybe you should ask this at https://ServerFault.com – James Z Dec 03 '21 at 05:33
  • What do you mean by "create a VPC Endpoint for connecting lambda to my database in private one of subnet"? You can simply configure the AWS Lambda function to connect to the VPC subnets -- this does not require a VPC Endpoint. – John Rotenstein Dec 03 '21 at 10:54

1 Answer


No. A VPC Endpoint is always for a specific service.

By the way, you do not require a VPC Endpoint for Lambda in your situation. Simply configure the AWS Lambda function to connect to the private subnets in the VPC. This is an in-built capability of Lambda functions, and they do not require a VPC Endpoint to access the subnets.

John Rotenstein
  • Thank you so much – Monika Dec 03 '21 at 16:30
  • What will I do if I need SNS notification for that Lambda? In that case, will SNS be inside the VPC or outside the VPC? Please let me know. – Monika Dec 03 '21 at 16:31
  • 1
    If your AWS Lambda function is connected to a VPC and it wants to call Amazon SNS, the VPC will either need a _VPC Endpoint for SNS_ (which allows it to directly access SNS) or a _NAT Gateway_ (which allows it to access the Internet and hence SNS and anything on the Internet). – John Rotenstein Dec 03 '21 at 21:47
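The arrangement the answer and its last comment describe (a VPC-attached Lambda that reaches the database over the subnet directly and reaches SNS through a single, service-specific Interface endpoint, with no NAT gateway) can be expressed as Terraform. This is an added example, not code from the question or the answer. It assumes a region variable `var.region`, a VPC `aws_vpc.main`, two private subnets `aws_subnet.private_a` and `aws_subnet.private_b`, a security group `aws_security_group.lambda` and execution role `aws_iam_role.lambda` already attached to the function via its `vpc_config`, and a topic `aws_sns_topic.notifications`; all of these names are hypothetical.

```hcl
# Added example (not from the original post): one Interface endpoint for SNS,
# reachable only from the Lambda's security group, with an endpoint policy that
# allows publishing to a single topic by a single execution role.
# Assumed (hypothetical) names: var.region, aws_vpc.main, aws_subnet.private_a,
# aws_subnet.private_b, aws_security_group.lambda, aws_iam_role.lambda,
# aws_sns_topic.notifications.

# Security group on the endpoint's ENIs: HTTPS in, only from the Lambda SG.
resource "aws_security_group" "sns_endpoint" {
  name        = "sns-interface-endpoint"
  description = "Allow HTTPS from the Lambda function to the SNS endpoint"
  vpc_id      = aws_vpc.main.id

  ingress {
    from_port       = 443
    to_port         = 443
    protocol        = "tcp"
    security_groups = [aws_security_group.lambda.id]
  }
}

# Endpoint policy: traffic through this endpoint may only publish to one topic,
# and only when the caller is the Lambda execution role. The role's own IAM
# policy must also allow sns:Publish; both policies have to permit the call.
data "aws_iam_policy_document" "sns_endpoint" {
  statement {
    sid       = "LambdaPublishToNotificationsOnly"
    effect    = "Allow"
    actions   = ["sns:Publish"]
    resources = [aws_sns_topic.notifications.arn]

    principals {
      type        = "AWS"
      identifiers = ["*"]
    }

    condition {
      test     = "ArnEquals"
      variable = "aws:PrincipalArn"
      values   = [aws_iam_role.lambda.arn]
    }
  }
}

# One Interface endpoint serves exactly one service (SNS here). Each further
# AWS service the function needs (e.g. SQS, Secrets Manager) needs its own
# endpoint. The database needs none: a VPC-attached Lambda has an ENI in the
# subnet and reaches the database over the VPC directly.
resource "aws_vpc_endpoint" "sns" {
  vpc_id              = aws_vpc.main.id
  service_name        = "com.amazonaws.${var.region}.sns"
  vpc_endpoint_type   = "Interface"
  subnet_ids          = [aws_subnet.private_a.id, aws_subnet.private_b.id]
  security_group_ids  = [aws_security_group.sns_endpoint.id]
  private_dns_enabled = true
  policy              = data.aws_iam_policy_document.sns_endpoint.json
}

# Identity-side permission for the function (assumed role name).
resource "aws_iam_role_policy" "lambda_sns_publish" {
  name = "sns-publish-notifications"
  role = aws_iam_role.lambda.id

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = "sns:Publish"
      Resource = aws_sns_topic.notifications.arn
    }]
  })
}
```

With `private_dns_enabled = true` (which requires DNS support and DNS hostnames to be enabled on the VPC), the regional name `sns.<region>.amazonaws.com` resolves inside the VPC to the endpoint's private IPs, so the function's SDK call to SNS needs no custom `endpoint_url`. A quick check after deployment is to resolve that hostname from inside the subnet and confirm it returns addresses in the subnet's CIDR rather than public IPs. Compared with a NAT gateway, this design gives the function a path to the one service and one topic it needs and nothing else on the Internet, which is the least-privilege argument for endpoints beyond the cost one raised in the question.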