VPC Setup for Lambda Function#

On this page, you can read the instructions on how to configure the Security Group for a relational database (RDS) on AWS.

  1. Go to the VPC console.

  2. In the side navigation pane, click Subnets >> Create subnet.

  3. Choose your VPC ID.

  4. Name your subnet, e.g. lambda-private.

  5. In IPv4 CIDR block field, select the IP address that is not in use in your VPC. IPv4 CIDRs is provided in the VPC section under Associated VPC CIDRs.

  6. Leave the other fields unchanged.

  7. Click Create subnet.

  8. Follow the same process with creating another subnet, but call it lambda-public, and provide a unique IPv4 address.

  9. Locate your lambda-public Subnet ID and click on it.

    1. To change the Auto-assign public IPv4 address value from no to yes, click Actions in the right corner.

    2. Click Edit subnet settings.

    3. Check the Enable auto-assign public IPv4 address box and hit Save.

  10. On the left sidebar, select NAT gateways and click Create NAT gateway.

    1. Name your NAT gateway, e.g. lambda-nat.

    2. Select your lambda-public subnet (or rather your equivalent subnet name).

    3. Click on the Allocate Elastic IP button.

  11. Click Create NAT gateway.

  12. In the side navigation pane, select Route tables and click Create route table.

    1. Name your route table, e.g. lambda-nat (private route table).

    2. Select your VPC from the drop-down menu.

    3. Click Create route table.

    4. Associate the lambda-nat route with the private subnet (lambda-private in our case) by clicking on Edit routes.

    5. Click Add route with the value that will allow you to go to any destination in the Destination column.

    6. In the Target column, select Nat Gateway >> lambda-nat.

    7. In your route table ID, click on Subnet associations >> Edit subnet associations.

    8. Click on your private subnet (lambda-private in our case) and hit Save association.

    9. Follow the same process with creating another route table, but call it public-internet, choose select Internet Gateway >> {public network} (you will only have one starting with igw-) in the Target column upon editing the route table, and associate it with a public subnet (lambda-public in our case).