I wrote a post about building serverless microservices using a combination of VPC and non-VPC Lambda functions to minimize cold starts and increase performance. It’s a long one, but it’s a complicated topic.
Feedback is always appreciated.
So would you have your POST functions inside the VPC to store something in RDS and then use SQS or something to update Dynamo, which your GET functions can read from?
That could be an option. I would ask the question, “Why do you need RDS?”, and if the answer doesn’t require a realtime requirement, then I’d use DynamoDB to post data (making it available for GETs as well) and then use DynamoDB Streams to replicate the data into RDS. That way your public-facing functions are both outside of a VPC.
Hi Jeremy, really awesome post
Quick question: Is it possible for a Lambda (not in a VPC) to access endpoints inside a VPC?
No, in order for your Lambda to access endpoints within a VPC, the Lambda function must be inside that VPC as well. However, you can invoke VPC Lambda functions from other non-VPC Lambda functions and vice versa. So if you need a function that can access your database (perhaps a save operation), you could package that into a VPC Lambda and then have another non-VPC service invoke it and pass the data to be saved. You could either wait for the response with an “InvocationType” of RequestResponse, or just pass the data off as an event using the Event invocation type.
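The two invocation types mentioned in the reply above, as an added example that is not part of the original thread or the linked post. It assumes a boto3-style Lambda client; the function name `save-order-vpc` and the payload shape are hypothetical, and the fake client is constructed so the block runs offline.

```python
import io
import json


def invoke_vpc_function(client, function_name, record, wait=True):
    """wait=True uses RequestResponse (blocks for a result); wait=False uses Event."""
    resp = client.invoke(
        FunctionName=function_name,
        InvocationType="RequestResponse" if wait else "Event",
        Payload=json.dumps(record).encode("utf-8"),
    )
    status = resp["StatusCode"]
    if not wait:
        # Event invocations are only acknowledged (202); there is no result.
        if status != 202:
            raise RuntimeError(f"event not accepted: HTTP {status}")
        return None
    body = resp["Payload"].read()
    # A synchronous invoke returns 200 even when the target function threw;
    # the failure is reported in FunctionError, so check it explicitly.
    if resp.get("FunctionError"):
        raise RuntimeError(f"{function_name} failed: {body.decode('utf-8', 'replace')}")
    return json.loads(body) if body else None


class FakeLambdaClient:
    """Constructed stand-in for boto3.client("lambda") so this runs offline."""

    def __init__(self, fail=False):
        self.fail = fail
        self.calls = []

    def invoke(self, **kwargs):
        self.calls.append(kwargs)
        if kwargs["InvocationType"] == "Event":
            return {"StatusCode": 202, "Payload": io.BytesIO(b"")}
        if self.fail:
            err = json.dumps({"errorMessage": "db unreachable"}).encode()
            return {"StatusCode": 200, "FunctionError": "Unhandled", "Payload": io.BytesIO(err)}
        saved = json.loads(kwargs["Payload"])
        return {"StatusCode": 200, "Payload": io.BytesIO(json.dumps({"saved": saved["id"]}).encode())}


if __name__ == "__main__":
    fake = FakeLambdaClient()
    # "save-order-vpc" is a hypothetical name for the VPC-attached function.
    print(invoke_vpc_function(fake, "save-order-vpc", {"id": 42}))
    print(invoke_vpc_function(fake, "save-order-vpc", {"id": 43}, wait=False))
```

In a deployed function, pass `boto3.client("lambda")` instead of the fake; the calling function's execution role needs `lambda:InvokeFunction` on the target, ideally scoped to that one function's ARN.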