Unable to Fetch the Details of Private EC2 Instance using Lambda Function


Hi,

I'm trying to configure the system so that an object is downloaded to a private EC2 instance automatically whenever it is uploaded to an S3 bucket.

I have done the VPC configuration on the Lambda function and attached the "AWSLambdaVPCAccessExecutionRole" role and a security group.

I'm able to trigger the event from the S3 bucket to the Lambda function, but the Lambda function is not able to connect to the private EC2 instance.

Kindly advise how I should fetch the details of the private EC2 instance using boto3 in Lambda.

Thanks in Advance.

  • Can you elaborate on what you mean by fetching details of the private EC2 instance? What details are you trying to fetch?

Alok
asked 10 months ago · 405 views
3 Answers

Hi,

  1. Go to the Lambda console.
  2. Select the function that you want to use to connect to the private instance.
  3. Choose Configuration and then choose VPC.
  4. Under VPC, click Edit.
  5. Choose a VPC, subnets, and security groups.
  6. Add at least two private subnets. Attach security groups and make sure that the security groups allow the required ports and protocols for your use case.
  7. Choose Save.

Now the next thing is EC2. On the EC2 instance side, make sure that one of the security groups attached to the EC2 instance can receive traffic (inbound rule) from the SG assigned to the Lambda function. Also make sure that the SG assigned to the Lambda function can make outbound calls to EC2 (this can usually be open to everything).

Make sure you add the appropriate rules in the security groups on both sides to allow the traffic.

Please refer to Configuring a Lambda function to access resources in a VPC

AWS EXPERT, answered 10 months ago
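The security-group wiring in the answer above is easy to get subtly wrong (rule on the wrong SG, wrong port, a CIDR rule instead of an SG reference). Here is an added example, not code from the answer or from AWS, that checks both directions offline. The security-group records are constructed to mirror the shape of boto3's `ec2.describe_security_groups()['SecurityGroups']`; the group IDs, the port (22/tcp) and the account ID are placeholders. In a real run you would fetch `lambda_sg_ids` from `lambda.get_function_configuration(FunctionName=...)['VpcConfig']['SecurityGroupIds']` and the groups from `ec2.describe_security_groups(GroupIds=[...])`.

```python
"""Offline check that an EC2 security group admits the Lambda function's security
group on the needed port, and that the Lambda SG allows that egress.
The data below is constructed in the shape of describe_security_groups() output."""

# Assumed: taken from get_function_configuration()['VpcConfig']['SecurityGroupIds']
LAMBDA_SG_IDS = ['sg-0a1b2c3d4e5f60001']

# Constructed sample: the Lambda SG keeps the default allow-all egress rule.
LAMBDA_SECURITY_GROUPS = [{
    'GroupId': 'sg-0a1b2c3d4e5f60001',
    'IpPermissions': [],
    'IpPermissionsEgress': [{'IpProtocol': '-1',
                             'IpRanges': [{'CidrIp': '0.0.0.0/0'}],
                             'UserIdGroupPairs': []}],
}]

# Constructed sample: the first EC2 SG references the Lambda SG on 22/tcp; the
# second only opens 80/tcp to the world and therefore must not count.
EC2_SECURITY_GROUPS = [
    {'GroupId': 'sg-0b2c3d4e5f6070002',
     'IpPermissions': [{'IpProtocol': 'tcp', 'FromPort': 22, 'ToPort': 22,
                        'IpRanges': [],
                        'UserIdGroupPairs': [{'GroupId': 'sg-0a1b2c3d4e5f60001',
                                              'UserId': '123456789012'}]}],
     'IpPermissionsEgress': []},
    {'GroupId': 'sg-0c3d4e5f607080003',
     'IpPermissions': [{'IpProtocol': 'tcp', 'FromPort': 80, 'ToPort': 80,
                        'IpRanges': [{'CidrIp': '0.0.0.0/0'}],
                        'UserIdGroupPairs': []}],
     'IpPermissionsEgress': []},
]


def rule_covers(rule, protocol, port):
    """True if one IpPermission entry covers protocol/port.
    IpProtocol '-1' means all traffic and carries no FromPort/ToPort."""
    if rule.get('IpProtocol') == '-1':
        return True
    if rule.get('IpProtocol') != protocol:
        return False
    return rule.get('FromPort', 0) <= port <= rule.get('ToPort', 65535)


def ec2_groups_allowing_lambda(ec2_sgs, lambda_sg_ids, protocol='tcp', port=22):
    """IDs of EC2 SGs whose inbound rules reference one of the Lambda SGs for protocol/port.
    CIDR-only rules are ignored on purpose: Lambda ENIs get changing private IPs,
    so an SG reference is the rule that stays correct over time."""
    wanted = set(lambda_sg_ids)
    found = []
    for sg in ec2_sgs:
        for rule in sg.get('IpPermissions', []):
            referenced = {p.get('GroupId') for p in rule.get('UserIdGroupPairs', [])}
            if referenced & wanted and rule_covers(rule, protocol, port):
                found.append(sg['GroupId'])
                break
    return found


def lambda_egress_allows(lambda_sgs, protocol='tcp', port=22):
    """True if any Lambda SG has an egress rule covering protocol/port.
    The egress destination (CIDR or SG) is not checked here; the default rule is allow-all."""
    return any(rule_covers(r, protocol, port)
               for sg in lambda_sgs for r in sg.get('IpPermissionsEgress', []))


def check_path(lambda_sg_ids, lambda_sgs, ec2_sgs, protocol='tcp', port=22):
    """Combine both directions into one verdict plus the EC2 SG IDs that satisfied it."""
    inbound = ec2_groups_allowing_lambda(ec2_sgs, lambda_sg_ids, protocol, port)
    egress = lambda_egress_allows(lambda_sgs, protocol, port)
    return {'ok': bool(inbound) and egress,
            'ec2_inbound_from': inbound,
            'lambda_egress': egress}


if __name__ == '__main__':
    print(check_path(LAMBDA_SG_IDS, LAMBDA_SECURITY_GROUPS, EC2_SECURITY_GROUPS, 'tcp', 22))
```

Run `check_path` with the port your instance service actually listens on; a result with `ok` false and an empty `ec2_inbound_from` list is the symptom described in the question.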

What about having Lambda run a Systems Manager Run Command so that the files are copied from S3, for example with s3 cp?
Attach an IAM role to the EC2 instance with the AmazonSSMManagedInstanceCore policy.
If the EC2 instance is located in a private subnet, configure it to communicate with Systems Manager through a NAT gateway or a VPC endpoint.
Create a Lambda function that executes SSM Run Command.
The Lambda function is executed when a file is created in S3.
The following document is an example for Windows.
https://repost.aws/questions/QU3rKJmmtRQ_aFX61wa_VnJw/lambda%E3%81%8B%E3%82%89-ec-2-run-command%E3%82%92%E5%AE%9F%E8%A1%8C%E3%81%99%E3%82%8B%E6%96%B9%E6%B3%95%EF%BC%88-windows%EF%BC%89

In the case of Linux, the following code would do.
If this works, there is no need to connect the Lambda function to the VPC.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm/client/send_command.html

import shlex
import urllib.parse

import boto3

ssm = boto3.client('ssm')

def lambda_handler(event, context):
    # S3 delivers the object key URL-encoded in the event (spaces arrive as '+').
    bucket = event['Records'][0]['s3']['bucket']['name']
    key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key'])
    # The key is chosen by whoever uploads to the bucket and is interpolated into a
    # shell script that runs on the instance, so quote it before building the command.
    src = shlex.quote(f's3://{bucket}/{key}')
    response = ssm.send_command(
        InstanceIds=['instance-id'],  # replace with the target instance ID
        DocumentName='AWS-RunShellScript',
        Parameters={
            'commands': [
                f'aws s3 cp {src} /path/file_name'
            ],
            'executionTimeout': ['3600'],
        }
    )
    # Return the command ID so the result can be looked up with get_command_invocation.
    return response['Command']['CommandId']
EXPERT, answered 10 months ago
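The Run Command approach above has two practical gaps: the object key is attacker-controlled input that ends up inside a shell script on the instance, and `send_command` returns before the copy has happened, so the function has no way to know whether it succeeded. The following is an added example, not the answer's code, that handles both. It decodes the key the way S3 encodes it, rejects anything that is not a plain file name, shell-quotes the paths, then polls `get_command_invocation` until a terminal status, tolerating the brief window right after `send_command` in which SSM raises `InvocationDoesNotExist`. The `FakeSsmClient`, the sample event, the `/opt/incoming` destination, the `TARGET_INSTANCE_ID` environment variable and the key allowlist are all constructed or assumed here so the block runs offline; in Lambda you pass `boto3.client('ssm')` instead of the fake.

```python
import os
import re
import shlex
import time
import urllib.parse

DEST_DIR = '/opt/incoming'                         # assumed destination directory on the instance
SAFE_KEY = re.compile(r'^[A-Za-z0-9._-]{1,255}$')  # assumed allowlist: plain file names only
TERMINAL_STATUSES = {'Success', 'Cancelled', 'TimedOut', 'Failed'}


def make_s3_event(bucket, raw_key):
    """Constructed minimal S3 notification event; raw_key is URL-encoded as S3 sends it."""
    return {'Records': [{'s3': {'bucket': {'name': bucket}, 'object': {'key': raw_key}}}]}


def build_copy_command(event, dest_dir=DEST_DIR):
    """Turn the first S3 record into a shell command that is safe to hand to AWS-RunShellScript.

    S3 URL-encodes the key in the event, so decode it first. Then refuse any key that is
    not a plain file name (no '/', no '..', no shell metacharacters) and shell-quote both
    paths, so an upload named "$(id).txt" or "../../etc/cron.d/x" can neither run
    commands nor choose the destination on the instance."""
    record = event['Records'][0]['s3']
    bucket = record['bucket']['name']
    key = urllib.parse.unquote_plus(record['object']['key'])
    if not SAFE_KEY.match(key) or key in ('.', '..'):
        raise ValueError(f'rejected object key {key!r}')
    src = shlex.quote(f's3://{bucket}/{key}')
    dst = shlex.quote(f'{dest_dir}/{key}')
    return f'aws s3 cp {src} {dst}'


def run_on_instance(ssm, instance_id, command, timeout_s=3600, poll_s=2.0):
    """Send one command with AWS-RunShellScript and poll until it reaches a terminal status.

    Right after send_command, get_command_invocation may raise InvocationDoesNotExist
    for a moment; treat that as "not yet" rather than as a failure."""
    sent = ssm.send_command(
        InstanceIds=[instance_id],
        DocumentName='AWS-RunShellScript',
        Parameters={'commands': [command], 'executionTimeout': [str(timeout_s)]},
    )
    command_id = sent['Command']['CommandId']
    while True:
        try:
            inv = ssm.get_command_invocation(CommandId=command_id, InstanceId=instance_id)
        except ssm.exceptions.InvocationDoesNotExist:
            inv = None
        if inv and inv['Status'] in TERMINAL_STATUSES:
            return inv
        time.sleep(poll_s)


def lambda_handler(event, context):
    """Real entry point: wires the helpers to boto3. The target instance comes from an
    environment variable (assumed name) instead of being hard-coded."""
    import boto3  # imported here so the module loads without boto3 installed
    return run_on_instance(boto3.client('ssm'), os.environ['TARGET_INSTANCE_ID'],
                           build_copy_command(event))


class FakeSsmClient:
    """Constructed stand-in for boto3.client('ssm') so the block runs offline. It reproduces
    the InvocationDoesNotExist lag on the first poll, then InProgress, then Success."""
    class exceptions:
        class InvocationDoesNotExist(Exception):
            pass

    def __init__(self):
        self.sent = []
        self._polls = 0

    def send_command(self, **kwargs):
        self.sent.append(kwargs)
        return {'Command': {'CommandId': 'cmd-constructed-0001'}}

    def get_command_invocation(self, CommandId, InstanceId):
        self._polls += 1
        if self._polls == 1:
            raise self.exceptions.InvocationDoesNotExist()
        status = 'InProgress' if self._polls == 2 else 'Success'
        return {'CommandId': CommandId, 'InstanceId': InstanceId, 'Status': status}


if __name__ == '__main__':
    fake = FakeSsmClient()
    cmd = build_copy_command(make_s3_event('example-bucket', 'daily-report.csv'))
    print(cmd)
    print(run_on_instance(fake, 'i-0123456789abcdef0', cmd, poll_s=0)['Status'])
```

Keep the Lambda timeout above the longest copy you expect, or return the command ID and check it from a second invocation; the polling loop here blocks for the whole copy. Whatever allowlist you choose for keys, make it a positive match like `SAFE_KEY` rather than a list of characters to strip.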

Please check your Lambda configuration as described in the link below: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html

answered 10 months ago
