enabling-lambda-vpc-internet-access
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseEnabling Lambda VPC Internet Access
为Lambda VPC启用互联网访问
Overview
概述
Domain expertise for enabling internet access from AWS Lambda functions running inside VPC private subnets. Lambda functions in a VPC cannot receive public IP addresses, so outbound internet access requires NAT Gateway infrastructure that routes traffic from private subnets through a public subnet to an Internet Gateway.
本内容聚焦于为运行在VPC私有子网内的AWS Lambda函数启用互联网访问的领域知识。处于VPC中的Lambda函数无法获取公网IP地址,因此出站互联网访问需要NAT Gateway基础设施,该基础设施可将私有子网的流量通过公网子网路由至Internet Gateway。
Enable internet access for a VPC Lambda function
为VPC Lambda函数启用互联网访问
To set up NAT Gateway infrastructure and configure routing for a Lambda function that needs internet access, follow the procedure exactly.
See Lambda VPC internet access setup procedure.
如需为需要互联网访问的Lambda函数搭建NAT Gateway基础设施并配置路由,请严格遵循以下步骤。详见Lambda VPC互联网访问设置流程。
Troubleshooting
故障排查
NAT Gateway not working
NAT Gateway无法正常工作
Verify the route table associated with the Lambda subnets has a route pointing to the NAT Gateway. See the full procedure for details.
0.0.0.0/0验证与Lambda子网关联的路由表是否存在指向NAT Gateway的路由。详情请查看完整流程。
0.0.0.0/0Lambda function timeout
Lambda函数超时
Check that security group outbound rules allow the necessary ports and that both the NAT Gateway and Internet Gateway are properly configured.
检查安全组的出站规则是否允许必要的端口,以及NAT Gateway和Internet Gateway是否配置正确。
Network changes not taking effect
网络更改未生效
VPC networking changes can take 1–2 minutes to propagate. Wait before testing after creating a NAT Gateway or updating route tables.
VPC网络更改可能需要1–2分钟才能传播。在创建NAT Gateway或更新路由表后,请等待一段时间再进行测试。
Route table association issues
路由表关联问题
Confirm the Lambda function's subnets are associated with the route table that has the route to the NAT Gateway.
0.0.0.0/0确认Lambda函数的子网是否与包含指向NAT Gateway的路由的路由表相关联。
0.0.0.0/0