
AWS Lambda function with One-Zone EFS and internet access


My Lambda function was working well until last night when it suddenly lost internet access.

It's connected to a VPC in order to access my One-Zone EFS.

I found out that to have a Lambda function connect to the internet when connected to a VPC, I need to set up one subnet to have access to a Route Table that's set to a NAT gateway.

So far so good.

Now, when I try to add the other (NAT) subnet to my Lambda function, it tells me

EFS file system referenced by access point does not have mount targets created in all availability zones the function will execute in. Please create EFS mount targets in availability zones where the function has a corresponding subnet provided.

So I tried to add the EFS to the new subnet as well (despite this not making sense to me since I only ever want to use that for internet access).

Now to the bummer - when trying to add another mount target for the new subnet, EFS tells me "You can only create one mount target per Availability Zone."

Do I absolutely have to disable One-Zone for EFS in order to get my tiny Lambda function connected to the internet again?

After reading Mark's answer (https://stackoverflow.com/a/69013543/2161301), I have removed the subnet that I initially added for the EFS and only left the subnet with internet access (that is now also connected to EFS) enabled. Now I don't understand what I created the other routing table for because if I understand correctly, one subnet can only use one routing table and in my understanding the current configuration does not make use of the routing for the EFS but it can for some reason still access it.

Anyway, I'm not gonna touch anything anymore, happy it's running now.


Solution

  • EFS file system referenced by access point does not have mount targets created in all availability zones the function will execute in.

    This means that you need to modify the Lambda function so the only VPC subnet(s) it is configured to run in are in the same availability zone as the EFS mount target. It sounds like you have it configured to run in more than one subnet/availability zone currently.
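The two constraints in this thread (the function's subnets must all sit in an AZ with a mount target, and a One Zone file system gives you only one mount target) can be checked before touching the Lambda configuration. The following is an added example, not code from the question or the answer; the subnet ids, AZ names and NAT gateway id are constructed, and in practice the inputs would come from `aws ec2 describe-subnets`, `aws ec2 describe-route-tables` and `aws efs describe-mount-targets`.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Subnet:
    subnet_id: str
    availability_zone: str
    # Target of the 0.0.0.0/0 route in the subnet's route table (e.g. a
    # NAT gateway id), or None when the subnet has no default route.
    default_route_target: Optional[str]

def missing_mount_target_azs(lambda_subnet_ids, subnets, mount_target_azs):
    """AZs the function would execute in that have no EFS mount target."""
    # A non-empty result is exactly the condition behind the Lambda error
    # "does not have mount targets created in all availability zones".
    by_id = {s.subnet_id: s for s in subnets}
    function_azs = {by_id[sid].availability_zone for sid in lambda_subnet_ids}
    return sorted(function_azs - set(mount_target_azs))

def mount_target_allowed(existing_mount_target_azs, new_az, one_zone):
    """Whether EFS would accept one more mount target."""
    # Regional file systems: one mount target per AZ (the EFS message in the
    # question). One Zone file systems: a single mount target in their one AZ.
    if one_zone and existing_mount_target_azs:
        return False
    return new_az not in existing_mount_target_azs

def usable_lambda_subnets(subnets, mount_target_azs):
    """Subnets in a mount-target AZ whose default route goes via a NAT gateway."""
    # Restricting the function to these subnets satisfies both the EFS
    # requirement and the internet-access requirement from the question.
    return [
        s.subnet_id
        for s in subnets
        if s.availability_zone in mount_target_azs
        and (s.default_route_target or "").startswith("nat-")
    ]

# Constructed sample VPC (not real account data): one private subnet without
# a default route and one subnet routed through a NAT gateway, in different AZs.
SUBNETS = [
    Subnet("subnet-efs-a", "eu-central-1a", None),
    Subnet("subnet-nat-b", "eu-central-1b", "nat-0123456789abcdef0"),
]

if __name__ == "__main__":
    # Starting point from the question: mount target in 1a, function in both subnets.
    print(missing_mount_target_azs(["subnet-efs-a", "subnet-nat-b"], SUBNETS, ["eu-central-1a"]))
    print(mount_target_allowed(["eu-central-1a"], "eu-central-1b", one_zone=True))
    # With the single mount target in 1b, only the NAT subnet qualifies.
    print(usable_lambda_subnets(SUBNETS, ["eu-central-1b"]))
```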