Recipe 5.9 Accessing VPN Resources with Lambda #1
Description
ISSUE
Lambda Function cannot access redis cluster endpoint, appears to be no reachable and lambda timeout is reached. Eg.:
aws lambda invoke \
--cli-binary-format raw-in-base64-out \
--function-name $LAMBDA_ARN \
--payload '{ "hostname": "awscookbook509cachecluster.cw1vzu.0001.euw1.cache.amazonaws.com" }' \
response.json && cat response.json
CONTEXT
Recipe Steps seems to be right for creating the aws elasticache cluster, but the cache security group created (CACHE_SECURITY_GROUP) in the CDK code appears unused.
aws elasticache create-cache-cluster \
--cache-cluster-id "AWSCookbook509CacheCluster" \
--cache-subnet-group-name AWSCookbook509CacheSG \
--engine redis \
--cache-node-type cache.t3.micro \
--num-cache-nodes 1
REGION
eu-west-1
SOLUTION
Shall we associate a security group to the Elastic Cache Cluster (The one created in the CDK code), and configure an ingress rule for the Redis endpoint?
Thanks!