My current architecture includes a Lambda function in a private subnet that basically needs to access the internet to fetch weather data. I have set up a NAT gateway to allow the Lambda function to access the internet.

What I am confused about is what counts as "Data processed per GB" for the NAT gateway? For example, the HTTP request from the Lambda payload is of size 1Gb but the response from the public website is of size 200Gb. So would the total data processed be 1Gb or would it be 201Gb?

P.S. Payload sizes for both request and response are hypothetical, to better represent the scenario.

user782400
  • Are you sure those numbers are GB, not KB? Those payload sizes are enormous. – Mark B Mar 16 '22 at 20:26
  • They are actually hypothetical. The actual sizes are in Kb. But since the NAT Gateway metric for data processed is in Gb, I use Gb to enable straightforward calculation. – user782400 Mar 16 '22 at 20:33

1 Answer

Every GB of data that goes through the NAT, whether in or out, will be charged at 4.5 cents (in the US regions; check pricing pages for elsewhere).

So in your example, you will be charged for 201 GB (1 out, 200 in).

That assumes that you have a NAT running in each availability zone where you are consuming/producing data. If you run a single NAT (a bad idea), you'll also pay for cross-AZ data transfer, at $0.02 per GB.

If you are retrieving a large amount of data, I recommend running your Lambda outside the VPC. You won't be charged for the retrieved data, nor will you be charged for writing that data to the AWS services described here.

Parsifal
  • For example, if I have a database in a public subnet in a single AZ (us-east-1a) and a Lambda running in a private subnet in two AZs (us-east-1a, us-east-1b), since Lambda accesses the database for some actions, would this count as cross-AZ communication? – user782400 Mar 16 '22 at 22:55
  • If a Lambda running in us-east-1b accesses a database in us-east-1a, then you will pay for cross-AZ traffic. – Parsifal Mar 17 '22 at 12:55
  • Public/private subnets don't matter, _unless_ you are exposing the database publicly and using a connection that resolves to the public IP address (which is not normal). In that case, you'll pay for the NAT, as well as any egress charges that RDS might impose (I haven't looked at the pricing page, but am guessing that they do charge for egress). – Parsifal Mar 17 '22 at 12:56