[Forwarder] Private link support (VPC configuration support through CF template)


https://docs.datadoghq.com/agent/guide/private-link/?tab=logs#client-configuration

The above documentation is a little misleading since the default CloudFormation template doesn’t seem to support enabling VPC/subnets/security group. It also can’t be added by brute force unless you attach the missing AWSLambdaVPCAccessExecutionRole to the role.

I could be missing something, but it’s not entirely obvious. Are you guys planning on adding these config parameters at some point? I can send a PR, but this will introduce some pretty obnoxious branching/parameter collecting that you guys are going to be able to pump out a lot faster/cleaner.

AWS::Serverless::Function would need a branching for VpcConfig https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html

Also, the execution role will need the AWS managed AWSLambdaVPCAccessExecutionRole.

I got it working, but I’m just drifting the stack and brute forcing my way there; it's just not a long-term solution.

Issue Analytics

  • State: closed
  • Created 4 years ago
  • Reactions: 1
  • Comments: 7 (6 by maintainers)

Top GitHub Comments
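
The two changes the issue asks for (a conditional `VpcConfig` and the `AWSLambdaVPCAccessExecutionRole` managed policy on the execution role), sketched as a template. This is an added example, not the Forwarder's own template: the parameter, condition and resource names and the placeholder handler are assumptions.

```yaml
# Added example: all names below are assumptions, not taken from the Forwarder template.
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Parameters:
  VPCSecurityGroupIds:
    Type: CommaDelimitedList
    Default: ""
    Description: Security groups for the function; leave empty to stay outside a VPC.
  VPCSubnetIds:
    Type: CommaDelimitedList
    Default: ""
    Description: Private subnets that can reach the PrivateLink endpoint.
Conditions:
  # True only when at least one subnet ID was supplied.
  UseVPC: !Not [!Equals [!Join ["", !Ref VPCSubnetIds], ""]]
Resources:
  ForwarderRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: {Service: lambda.amazonaws.com}
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
        # Network-interface permissions, attached only when the function runs in a VPC.
        - !If
          - UseVPC
          - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
          - !Ref AWS::NoValue
  Forwarder:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: python3.12
      Handler: index.handler
      InlineCode: |
        def handler(event, context):
            return "placeholder"
      Role: !GetAtt ForwarderRole.Arn
      # Omitted entirely when no subnets are given, so the default deployment is unchanged.
      VpcConfig: !If
        - UseVPC
        - SecurityGroupIds: !Ref VPCSecurityGroupIds
          SubnetIds: !Ref VPCSubnetIds
        - !Ref AWS::NoValue
```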

1 reaction
DarcyRaynerDD commented, May 5, 2020

We’ve added Private Link in the latest release, 3.11.0. I’m closing this issue for now, but feel free to re-open if you have any issues.

1 reaction
dezren39 commented, Apr 20, 2020

This is exciting! I’m beginning on the exact same path as @rromanchuk over the past week; when I realized there was no VPC, so it couldn’t use my PrivateLink, is when I searched and found this. I think I’ll be manually modifying my lambdas in the meantime, but I'm definitely interested in seeing this update.

It’s probably much more important for the forwarder as logs can end up being quite a few GB in some cases, but I’m also looking at it for the RDS enhanced metrics lambda even though it’s just api/metrics, small traffic. Since all the agents and everything else would be using private link, it seems funny to just have the one going over the internet gateway.

