Accessing an EC2 instance service from an AWS Lambda function

Problem description:

I have an EC2 instance which only has a private IP, and I have installed Apache Kafka on the same instance, running on, say, 10.0.4.44:9092. Now, I have created an AWS Lambda function which reads a document from a given bucket and sends the document body to Apache Kafka running on the EC2 instance.

Now, AWS Lambda is unable to access the EC2 Instance Service.

How can I grant access to Lambda for accessing the Apache Kafka service on EC2?

You need to add the Lambda function to the VPC the EC2 server is running in. Here's the announcement blog post of Lambda VPC support with a walkthrough for setting it up. Here's the official documentation.

A Lambda function in a VPC will not get a public IP address. This means it won't be able to access anything that is outside the VPC. Since you also need to access S3, you will need to set up an S3 VPC Endpoint so that your function will still have S3 access.

If your function needs access to other things outside the VPC then you will have to add it to a private subnet of the VPC with a NAT Gateway attached.
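
A preflight check for the setup the answer above describes, as an added example that is not part of the original answer: it verifies that the function is attached to the instance's VPC and that every function subnet has a route to an S3 endpoint. The `preflight` function, its finding strings and all IDs are constructed for illustration; the security-group check is an added assumption (only rules that reference the function's own group are counted), and the S3 endpoint is assumed to be a gateway endpoint.

```python
# Added example. All IDs are constructed; the dicts mirror boto3's
# get_function_configuration / describe_security_groups / describe_vpc_endpoints.

def _admits(perm, port, source_sgs):
    """True if one ingress rule allows TCP `port` from a group in source_sgs."""
    proto = perm.get("IpProtocol")
    if proto == "tcp":
        if not perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535):
            return False
    elif proto != "-1":  # "-1" means all protocols and ports
        return False
    return any(p.get("GroupId") in source_sgs
               for p in perm.get("UserIdGroupPairs", []))

def preflight(fn_cfg, instance, kafka_sgs, endpoints, subnet_rtb, port=9092):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    vpc = fn_cfg.get("VpcConfig") or {}
    # 1. The function must be attached to the VPC the instance runs in.
    if vpc.get("VpcId") != instance["VpcId"]:
        findings.append("lambda-not-in-instance-vpc")
    # 2. Assumption: the broker's group admits the function's group on the port.
    lambda_sgs = set(vpc.get("SecurityGroupIds", []))
    if not any(_admits(p, port, lambda_sgs)
               for sg in kafka_sgs for p in sg.get("IpPermissions", [])):
        findings.append("kafka-port-not-open-to-lambda-sg")
    # 3. Every function subnet needs a route table tied to an S3 gateway endpoint.
    covered = set()
    for ep in endpoints:
        if (ep.get("VpcId") == instance["VpcId"]
                and ep.get("ServiceName", "").endswith(".s3")
                and ep.get("VpcEndpointType") == "Gateway"
                and ep.get("State", "").lower() == "available"):
            covered.update(ep.get("RouteTableIds", []))
    for subnet in vpc.get("SubnetIds", []):
        if subnet_rtb.get(subnet) not in covered:
            findings.append(f"no-s3-endpoint-route:{subnet}")
    return findings

FN_CFG = {"VpcConfig": {"VpcId": "vpc-0aaa", "SubnetIds": ["subnet-0a1", "subnet-0a2"],
                        "SecurityGroupIds": ["sg-0lambda"]}}
INSTANCE = {"VpcId": "vpc-0aaa", "PrivateIpAddress": "10.0.4.44"}
KAFKA_SGS = [{"GroupId": "sg-0kafka", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 9092, "ToPort": 9092,
     "UserIdGroupPairs": [{"GroupId": "sg-0lambda"}]}]}]
ENDPOINTS = [{"VpcId": "vpc-0aaa", "ServiceName": "com.amazonaws.us-east-1.s3",
              "VpcEndpointType": "Gateway", "State": "available",
              "RouteTableIds": ["rtb-0a1"]}]
SUBNET_RTB = {"subnet-0a1": "rtb-0a1", "subnet-0a2": "rtb-0a2"}  # resolved by the caller
```

On the sample data, `preflight(FN_CFG, INSTANCE, KAFKA_SGS, ENDPOINTS, SUBNET_RTB)` reports `no-s3-endpoint-route:subnet-0a2`: the endpoint is associated with only one of the two route tables, so invocations placed in the second subnet would time out on S3.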