Tags: amazon-web-services, network-programming, aws-lambda

AWS Lambda to access internet via egress-only internet gateway


My Lambda code simply does this but always times out:

// Node.js 18+ Lambda runtime: fetch is available globally, no import needed.
exports.handler = async function(event, context) {
    const response = await fetch("https://www.google.com/");
    console.log(response.status);
    // Return a JSON-serialisable result; the raw Response object cannot be serialised by Lambda.
    return { statusCode: response.status, body: await response.text() };
};

I am trying to find the issue in my configuration that prevents the function from reaching the internet. I am trying to set up a simple connection using the egress-only internet gateway. What am I doing wrong?

VPC:

  • IPv6 CIDR (Network border group): 2406:da1c:697:400::/56 (ap-southeast-2)
  • IPv4 CIDR: 10.4.0.0/16

Private Subnet

  • IPv6 CIDR: 2406:da1c:697:42c::/64
  • IPv4 CIDR: 10.4.48.0/20

Route table on private subnet

  • 10.4.0.0/16 local
  • 2406:da1c:697:400::/56 local
  • ::/0 eigw-01a19162a848f3cef

ACL Inbound and Outbound

  • 100 All traffic All All 0.0.0.0/0 Allow
  • 101 All traffic All All ::/0 Allow

Lambda security group inbound

  • sgr-044f95eff170f631e IPv4 Custom TCP TCP 0 10.4.0.0/16

Lambda security group outbound

  • sgr-0e26a5c8ca4cbd3b9 IPv6 All traffic All All ::/0 –
  • sgr-078154ed0f052b3ba IPv4 All traffic All All 0.0.0.0/0 –

Solution

  • The egress-only internet gateway is for IPv6. For Lambda to access the internet you need a NAT gateway, which is for IPv4. From the docs:

    To give your function access to the internet, route outbound traffic to a NAT gateway in a public subnet. The NAT gateway has a public IP address and can connect to the internet through the VPC's internet gateway.
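The answer comes down to one routing fact: a Lambda function's VPC network interface gets an IPv4 address, so it can only use an IPv4 default route (0.0.0.0/0), and the private subnet above has none; its only default route is ::/0 to the egress-only gateway, which carries IPv6 traffic only. The following added example, which is not part of the question or the answer, encodes that check as a small route-table linter. It takes routes exactly as the console shows them (destination CIDR, target id) and reports whether a function interface in that subnet can reach the internet over IPv4 or IPv6. The route entries are constructed from the question; the NAT gateway and internet gateway ids in the corrected tables are placeholders, not real resources. The NAT gateway itself must sit in a public subnet, so a second function checks that the subnet holding it has 0.0.0.0/0 pointing at an internet gateway.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple

# One route as it appears in the console: (destination CIDR, target id).
Route = Tuple[str, str]


def _default_route(routes: List[Route], version: int) -> Optional[str]:
    """Return the target of the default route (/0) for the given IP version, if any."""
    for dest, target in routes:
        net = ipaddress.ip_network(dest)
        if net.version == version and net.prefixlen == 0:
            return target
    return None


def diagnose_private_subnet(routes: List[Route], eni_has_ipv6: bool = False) -> Dict[str, object]:
    """Explain what a Lambda ENI placed in this subnet can reach and why.

    eni_has_ipv6 is False by default because a function's VPC interface is
    assigned an IPv4 address unless dual-stack outbound is explicitly enabled.
    """
    findings: Dict[str, object] = {
        "ipv4_internet": False,
        "ipv6_internet": False,
        "problems": [],
        "notes": [],
    }
    problems: List[str] = findings["problems"]  # type: ignore[assignment]
    notes: List[str] = findings["notes"]  # type: ignore[assignment]

    v4 = _default_route(routes, 4)
    if v4 is None:
        problems.append("no 0.0.0.0/0 route: IPv4 traffic from the function ENI has nowhere to go")
    elif v4.startswith("nat-"):
        findings["ipv4_internet"] = True  # NAT gateway: correct for a private subnet
    elif v4.startswith("igw-"):
        problems.append("0.0.0.0/0 -> internet gateway: ENIs here have no public IP, so replies cannot return")
    else:
        problems.append(f"0.0.0.0/0 -> {v4}: not a NAT gateway")

    v6 = _default_route(routes, 6)
    if v6 is not None and v6.startswith("eigw-"):
        if eni_has_ipv6:
            findings["ipv6_internet"] = True
        else:
            notes.append("::/0 -> egress-only gateway exists, but the ENI has only an IPv4 address, so it is never used")
    return findings


def subnet_is_public(routes: List[Route]) -> bool:
    """True when the subnet routes 0.0.0.0/0 to an internet gateway (where a NAT gateway must live)."""
    v4 = _default_route(routes, 4)
    return v4 is not None and v4.startswith("igw-")


# Constructed from the question: the private subnet's route table as posted.
PAGE_ROUTES: List[Route] = [
    ("10.4.0.0/16", "local"),
    ("2406:da1c:697:400::/56", "local"),
    ("::/0", "eigw-01a19162a848f3cef"),
]

# Corrected private route table: same entries plus an IPv4 default route to a NAT gateway.
# "nat-0123456789abcdef0" is a placeholder id, not a real resource.
FIXED_ROUTES: List[Route] = PAGE_ROUTES + [("0.0.0.0/0", "nat-0123456789abcdef0")]

# Route table for the public subnet that hosts the NAT gateway ("igw-..." is a placeholder).
PUBLIC_ROUTES: List[Route] = [
    ("10.4.0.0/16", "local"),
    ("0.0.0.0/0", "igw-0123456789abcdef0"),
]

if __name__ == "__main__":
    for name, rt in (("as posted", PAGE_ROUTES), ("with NAT route", FIXED_ROUTES)):
        print(name, diagnose_private_subnet(rt))
    print("NAT subnet is public:", subnet_is_public(PUBLIC_ROUTES))
```

Run as-is, the posted table reports no IPv4 internet path and one problem (missing 0.0.0.0/0), with a note that the ::/0 route is present but unused by an IPv4-only interface; the table with the NAT route reports an IPv4 path and no problems. Feeding the same function the output of `aws ec2 describe-route-tables` for a real subnet makes this a quick pre-flight check before blaming the function code for a timeout.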