AWS Lambda Access to EC2 Instances in VPC | Exam Question Answer


Question

You've developed a set of scripts using AWS Lambda.

These scripts need to access EC2 Instances in a VPC.

Which of the following needs to be done to ensure that the AWS Lambda function can access the resources in the VPC? Choose 2 answers from the options given below.

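Answers

A. Ensure that the subnet IDs are configured in the Lambda function.
B. Ensure that the NACL IDs are configured in the Lambda function.
C. Ensure that the Security Group IDs are configured in the Lambda function.
D. Ensure that the VPC Flow Log IDs are configured in the Lambda function.

Explanations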

Answer - A and C.

Options B and D are incorrect because the Lambda function needs the subnet IDs and security group IDs in order to access resources in the VPC. The AWS documentation states the following:

You can enable AWS Lambda to access resources in a Virtual Private Cloud (VPC).

Your Lambda functions can now access Amazon RDS databases, Amazon Redshift data warehouses, Amazon ElastiCache nodes, and other endpoints that are accessible only from within a particular VPC (e.g., web service running on EC2).

You must provide additional VPC-specific configuration information such as VPC subnet IDs and security group IDs in order to enable your Lambda functions to access resources in an Amazon VPC.

For more information on configuring a Lambda function to access resources in a VPC, refer to the links below:

https://docs.aws.amazon.com/lambda/latest/dg/vpc.html
https://aws.amazon.com/about-aws/whats-new/2016/02/access-resources-within-a-vpc-using-aws-lambda/

To enable a Lambda function to access resources within a VPC, you need to take the following two steps:

  1. Configure the Lambda function to run inside the VPC: You do this by specifying the subnet IDs that your Lambda function can use.

  2. Configure the security group to allow inbound and outbound traffic for the Lambda function: Attach a security group to the Lambda function that allows inbound and outbound traffic to the VPC resources.

Answers A and C are correct:

A. Ensure that the subnet IDs are configured in the Lambda function: When you create a Lambda function, you can select one or more subnets in the VPC where you want your Lambda function to reside. Ensure that the subnet IDs are correctly configured so that your Lambda function can access resources within the VPC.

C. Ensure that the Security Group IDs are configured in the Lambda function: You can attach a security group to your Lambda function, which controls the inbound and outbound traffic to and from the function. Ensure that the Security Group IDs are correctly configured so that your Lambda function can access resources within the VPC.

Options B and D are incorrect:

B. Ensure that the NACL IDs are configured in the Lambda function: Network Access Control Lists (NACLs) are stateless firewalls that control traffic to and from subnets in a VPC. However, NACLs are not associated with Lambda functions. So, this option is incorrect.

D. Ensure that the VPC Flow Log IDs are configured in the Lambda function: VPC Flow Logs capture information about the IP traffic going to and from network interfaces in a VPC. However, VPC Flow Logs are not associated with Lambda functions. So, this option is also incorrect.

In summary, to allow a Lambda function to access resources within a VPC, you need to configure the function to run inside the VPC by specifying the subnet IDs, and configure a security group for the function that allows inbound and outbound traffic to the VPC resources.
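The two settings from the summary can be checked offline before a deployment. The following is an added example, not part of the original page or of AWS's own tooling: it takes dictionaries shaped like boto3's `get_function_configuration()["VpcConfig"]` and `describe_security_groups()["SecurityGroups"]` responses and reports what blocks the function from reaching an EC2 instance on a given TCP port. All IDs are constructed, the function name `check_lambda_vpc_access` is hypothetical, and rule matching is simplified to security-group references and `0.0.0.0/0`; it also checks that the instance's own security group admits the function's group, which the connection requires.

```python
# Added example: offline check of a Lambda VPC configuration.
# Dict shapes follow boto3's get_function_configuration()["VpcConfig"] and
# describe_security_groups()["SecurityGroups"]; all IDs below are constructed.

def covers(rule, port):
    """True if an SG rule covers the given TCP port ("-1" means all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule["IpProtocol"] == "tcp" and rule["FromPort"] <= port <= rule["ToPort"]

def peers(rule):
    """Group IDs and CIDRs that a rule refers to."""
    groups = {p["GroupId"] for p in rule.get("UserIdGroupPairs", [])}
    cidrs = {r["CidrIp"] for r in rule.get("IpRanges", [])}
    return groups | cidrs

def check_lambda_vpc_access(vpc_config, groups, target_sg, port):
    """Return a list of findings; an empty list means the path is open."""
    findings = []
    if not vpc_config.get("SubnetIds"):
        findings.append("no subnet IDs configured on the function")
    fn_sgs = set(vpc_config.get("SecurityGroupIds", []))
    if not fn_sgs:
        findings.append("no security group IDs configured on the function")
        return findings
    by_id = {g["GroupId"]: g for g in groups}
    # Egress from the function: simplified to 0.0.0.0/0 or a reference to target_sg.
    egress_ok = any(covers(r, port) and peers(r) & {"0.0.0.0/0", target_sg}
                    for sg in fn_sgs for r in by_id[sg]["IpPermissionsEgress"])
    if not egress_ok:
        findings.append(f"function security groups do not allow egress on tcp/{port}")
    # Ingress on the instance: require a rule that references the function's SG.
    ingress_ok = any(covers(r, port) and peers(r) & fn_sgs
                     for r in by_id[target_sg]["IpPermissions"])
    if not ingress_ok:
        findings.append(f"{target_sg} does not allow tcp/{port} from the function's security groups")
    return findings

# Constructed sample data.
LAMBDA_SG = {"GroupId": "sg-lambda", "IpPermissions": [],
             "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
EC2_SG = {"GroupId": "sg-ec2", "IpPermissionsEgress": [],
          "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
                             "UserIdGroupPairs": [{"GroupId": "sg-lambda"}]}]}
GOOD = {"SubnetIds": ["subnet-a", "subnet-b"], "SecurityGroupIds": ["sg-lambda"]}

if __name__ == "__main__":
    print(check_lambda_vpc_access(GOOD, [LAMBDA_SG, EC2_SG], "sg-ec2", 8080))
    print(check_lambda_vpc_access({"SubnetIds": [], "SecurityGroupIds": []},
                                  [LAMBDA_SG, EC2_SG], "sg-ec2", 8080))
```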