How to Configure a Lambda Function to Access Internet Resources in a VPC?
This article is a tutorial for configuring a Lambda Function to access internet resources in a VPC.
How to Configure a Lambda Function to Access Internet Resources?
AWS Lambda is an event-driven computing service that responds to the events invoked inside a function. Furthermore, these events can be generated from any service such as S3 buckets, API, or Endpoints. To learn more about the Lambda Triggers, refer to this article: “An Introduction to Available Triggers to Invoke Lambda Functions.”
In this blog, we will be configuring a Lambda Function within a VPC to access internet resources. Let’s follow some steps for this purpose:
Step 1: Create VPC
On the AWS Management Console, search and access the “VPC” service:
On the VPC interface, click on the “Create VPC” button:
Select the “VPC and more” option and then provide the name of the VPC in the “Name tag auto-generation” section. The name can be auto-generate or customizable:
Under the “IPV4 CIDR block” field, provide an IP address:
We have configured “1” for the Number of Availability Zones, 1 for public subnets, and 1 for the private subnets:
For the NAT gateways, we have selected “In 1 AZ” and then selected “None” for the endpoints.
After that, click on the “Create VPC” button:
This will now create the VPC after checking all these points:
The VPC has been configured successfully:
Step 2: Create Security Group
Now, we will create a Security Group. For this purpose, select the “Security groups” option under the “Security” section:
Click on the “Create security group” button on the Security Group interface:
In the “Basic details” section, provide a name for the “Security group” in the “Security group name” field and then provide a description:
In the Outbound rule, configure two rules in this section. The first rule is given as follows:
The second rule in the Outbound rules section is given as follows:
After that click on the “Create security group” button:
Here the security group has been configured successfully:
Step 3: Create Lambda Function
On the AWS Management Console, search and select the “Lambda” service:
Click on the “Create function” button at the Lambda Functions interface:
Select the “Author from scratch” option and then provide the name in the “Function name” field under the “Basic information” section. Select the “Python 3.11” as the “Runtime” environment:
In the Advanced settings section, check the “Enable VPC” option:
Furthermore, in the VPC section, select the VPC name that we have created earlier:
In the Subnets section, select the “Private subnet” and in the Security group, select the “Security group” from the displayed option:
Hit the “Create function” button at the bottom of the interface:
Add the following lines of code to the Lambda Function and hit the “Deploy” button:
import urllib3
def lambda_handler(event, context):
# TODO implement
url='https://www.google.com/'
http = urllib3.PoolManager()
r = http.request('GET',url)
print('html:', r.data)
return {
'statusCode': 200,
'body': json.dumps('Hello from Lambda!')
}
Note: In the above code url=’https://www.google.com’ is acting as an internet resource.
In this code, we have used the “urllib3” library from Python. By using this library, we have used PoolManager() functions which handle all the details of connection pooling:
After deploying the changes, click on the “Test” button:
On the pop-up window, provide a name for the “test” function and then hit the “Save” button:
Again, click on the “Test” button to run the execution:
Here the test has been successful:
That is all from this guide.
Conclusion
To configure a Lambda Function to access the internet resources, create a VPC, security group, a Lambda Function with an enabled VPC option, and modify its code. We can also monitor the activity of the Lambda Function when accessing internet resources by using the CloudWatch Metric. This article is a procedural guide for configuring a Lambda Function to access the internet resource in a VPC.
Source: linuxhint.com