
How can I use SQLAlchemy in a Lambda service in the EU-West-1 region to write to a DB instance in the US-East-1 region from the same account?

I have attempted to establish a VPC peering connection between the accepting VPC in US-East-1 (which has the RDS resource) and the requester VPC (EU-West-1, which has the Lambda resource). The CIDR block for US-East-1 is 10.0.0.0/16 and the CIDR block for EU-West-1 is 172.0.0.0/27.

Background: I created a custom VPC in the EU-West-1 region. After setting up a peering connection with US-East-1, I configured all the route tables under the US-East-1 VPC so that the destination is the peer VPC CIDR block (172.0.0.0/27) and the subnet addresses of EU-West-1, and the target is the VPC peering connection, and vice versa.

The security groups of both VPCs are referencing their peer VPC CIDR and peer subnet CIDR as inbound rules.

I am new to this process and would like to know if anyone has done this before. I am not sure what else I can do here.

I am expecting that the Lambda would be able to insert records in the US-East-1 RDS.

John Rotenstein
Saad
  • **Side-note:** `172.0.0.0/27` is a range of _public_ IP addresses. If you want to use a range of private addresses, keep it within `172.16.0.0/12`, which contains `172.16.0.0 – 172.31.255.255`. See: [Private network - Wikipedia](https://en.wikipedia.org/wiki/Private_network) – John Rotenstein Feb 03 '23 at 04:06
  • You can use the [Reachability Analyzer - Amazon Virtual Private Cloud](https://docs.aws.amazon.com/vpc/latest/reachability/what-is-reachability-analyzer.html) to check whether the AWS Lambda function can connect to the Amazon RDS database. – John Rotenstein Feb 03 '23 at 04:07
  • What is your current problem? Is the AWS Lambda function timing out when it attempts to connect to the database? Is there an error message in CloudWatch Logs? – John Rotenstein Feb 03 '23 at 04:08
  • Can you create a tiny EC2 instance in the subnet in which you deployed the Lambda and set the same security group as your Lambda to test it? That way you will be able to do the network debugging in a better way. – Vikram S Feb 03 '23 at 05:14
  • @JohnRotenstein CloudWatch logs don't show an error output; the Lambda just times out, indicating that SQLAlchemy keeps trying to initiate with the connection string. – Saad Feb 03 '23 at 18:43
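
Added example, not part of the original question or comments: a preflight check of the peering plan described above, covering private-range membership, CIDR overlap and whether each side routes the peer CIDR to the peering connection. The two CIDR blocks come from the question; the route tables, `pcx-EXAMPLE` and `igw-EXAMPLE` are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress

# RFC 1918 private ranges (the 172.16.0.0/12 block is the one named in the side-note).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(cidr):
    net = ipaddress.ip_network(cidr)
    return any(net.subnet_of(block) for block in RFC1918)

def routes_to_peer(route_table, peer_cidr, pcx_id):
    """True if some route sends the whole peer CIDR to the peering connection."""
    peer = ipaddress.ip_network(peer_cidr)
    return any(
        target == pcx_id and peer.subnet_of(ipaddress.ip_network(dest))
        for dest, target in route_table
    )

def check_peering(vpcs, pcx_id):
    """vpcs: {name: {"cidr": str, "routes": [(dest, target), ...]}} for the two peered VPCs."""
    findings = []
    (a, va), (b, vb) = vpcs.items()
    for name, v in vpcs.items():
        if not is_rfc1918(v["cidr"]):
            findings.append(f"{name}: {v['cidr']} is outside the RFC 1918 private ranges")
    if ipaddress.ip_network(va["cidr"]).overlaps(ipaddress.ip_network(vb["cidr"])):
        findings.append(f"{a} and {b}: CIDR blocks overlap")
    for name, v, peer in ((a, va, vb), (b, vb, va)):
        if not routes_to_peer(v["routes"], peer["cidr"], pcx_id):
            findings.append(f"{name}: no route sends {peer['cidr']} to {pcx_id}")
    return findings

# Constructed sample: CIDRs from the question; route tables and IDs are placeholders.
PCX = "pcx-EXAMPLE"
SAMPLE = {
    "us-east-1": {"cidr": "10.0.0.0/16",
                  "routes": [("10.0.0.0/16", "local"), ("172.0.0.0/27", PCX)]},
    "eu-west-1": {"cidr": "172.0.0.0/27",
                  "routes": [("172.0.0.0/27", "local"), ("0.0.0.0/0", "igw-EXAMPLE")]},
}

if __name__ == "__main__":
    for finding in check_peering(SAMPLE, PCX):
        print(finding)
```

A clean result only confirms the addressing and routing plan; security group rules and the subnets the Lambda is attached to still need checking, for example with the Reachability Analyzer mentioned in the comments.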

0 Answers