Serverless ElastiCache Redis Doesn't Work With Lambda

0

We have been trying to set up a serverless elasticache redis oss and call it using a lambda function. However, we cannot make it work.

We have the elasticache and lambda on the same VPC, lambda and elastcache have the same subnets, have same security group that allows inbound traffic via TCP for the right port. We allow outbound traffic in the security traffic for the lambda. We have DNS hostnames enabled. We have as many permissions in the service role that we can think of to include. However, the lambda times out and never receives a ping from the elasticache. This seems like an AWS bug, out of ideas.
def lambda_handler(event, context): print('Lambda invocation started') cache = redis.Redis( host='websocket-owmsw7.serverless.use2.cache.amazonaws.com', port=6379, decode_responses=True ) print('Connected to Redis') cache.ping() print('Redis ping successful')

msegy9
asked 3 months ago264 views
3 Answers
0
Accepted Answer

Hi,

I have seen such a problem in the past, it got fixed by activating tls.

Corresponding js code:

let redisClient : RedisClientType = createClient({
                socket: {hostname: 'myhost', port: 6379, tls: true}
                });

Best,

Didier

profile pictureAWS
EXPERT
answered 3 months ago
EXPERT
reviewed 3 months ago
profile picture
EXPERT
reviewed 3 months ago
  • Thank you that was it. How silly. :(

  • Hi, you know: it happens to everybody (me included ;-) ). Anyway, glad that you found your problem. Thanks for accepting my answer.

0

Hello.

Will I be able to connect if I change the ElastiCache security group to allow all communications such as 0.0.0.0/0 to check the connection?
For example, if communication is possible with this setting, it is a problem with the inbound rules of ElastiCache's security group.

profile picture
EXPERT
answered 3 months ago
profile picture
EXPERT
reviewed 3 months ago
0

Not sure I understand the question, but I tested trying to allow connection to the elastiCache from anywhere just to see if it would work by allowing inbound traffic from anywhere. I couldn't make it work with the most relaxed rules.

msegy9
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions