AWS Lambda can't connect to RDS instance, but I can locally?

@MarkB and @Michael-sqlbot were correct in the comments; it was a security group issue.

I finally got a response from AWS support pointing out that the RDS security group was indeed private to a specific IP. This doesn't make sense, as I never configured that, and I could access the database from my local machine and Elastic Beanstalk. I added 0.0.0.0/0 to the security group and now the Lambda can connect. Thanks for your help, guys!


Here is how I fixed this issue.

When you create a DB instance, you are asked to select a VPC. Even if you select default values, it takes the public IP of your system as the default inbound IP. A Lambda function, on the other hand, has its own IP setting. That's why you can access it through any IDE or locally, but not through a Lambda function.

To add IP restrictions:

  1. Go to the security group of your instance. After selecting the default security group, click on it. On the new page, scroll down to find the inbound and outbound settings.

  2. In the inbound settings, click Edit. You can change the IP here. (0.0.0.0/0 makes it open to the world.)

  3. If you add the public IP here, then the IDE or your local connection would work.

  4. For the Lambda function to work, add the IP of the Lambda function. Go to the Lambda function, Network --> VPC --> (if no VPC is selected, select the same VPC as the DB function) and note the IP here.

  5. Type this IP in the inbound settings; this will show auto filler.

Save it and test your lambda function.


Here's the answer to this with no worldwide access.

Allow AWS Lambda to access RDS Database

Repeating Mark's answer:

  1. Add VPC access to the Lambda function.
  2. Create a new security group for the Lambda.
  3. Add the RDS security group to the Lambda's SG.
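
A check for the outcome the answers above describe, written as an added example (not code from any of the answers): it reads security-group data in the shape `aws ec2 describe-security-groups` returns and reports a database group that is open to the world or that has no inbound rule naming the Lambda's group. The group IDs, CIDRs, port 3306 and the arrangement in which the Lambda's group appears as a source in the RDS group's inbound rules are assumptions made for illustration.

```python
# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs, CIDRs and port 3306 (MySQL) are placeholders, not values from the page.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-rds-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-rds-scoped", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}],
         "UserIdGroupPairs": [{"GroupId": "sg-lambda"}]}]},
    {"GroupId": "sg-rds-all-traffic", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []}]},
]}

WORLD = {"0.0.0.0/0", "::/0"}


def covers_port(perm, port):
    """True if an inbound permission applies to TCP traffic on `port`."""
    if perm.get("IpProtocol") == "-1":      # "-1" means all protocols and ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_db_group(group, db_port, lambda_sg_id):
    """Return findings for one database security group (empty list = clean)."""
    findings, lambda_allowed = [], False
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, db_port):
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        findings += [f"port {db_port} open to the world via {c}"
                     for c in cidrs if c in WORLD]
        if any(p.get("GroupId") == lambda_sg_id
               for p in perm.get("UserIdGroupPairs", [])):
            lambda_allowed = True
    if not lambda_allowed:
        findings.append(f"no inbound rule references {lambda_sg_id}")
    return findings


if __name__ == "__main__":
    for g in SAMPLE["SecurityGroups"]:
        print(g["GroupId"], audit_db_group(g, 3306, "sg-lambda") or "ok")
```
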