In this tutorial, you'll learn how to access RDS Proxy from a Lambda function in a VPC using Secrets Manager and a security group in AWS.
—
Video Transcript
—
Hi guys, this is Abhi from Gokcedb. In this video, you're going to learn how to access the RDS proxy from the Lambda function in AWS. Let's start by navigating to the VPC dashboard, clicking on create VPC then giving your VPC a name.
Select a CIDR block and tenancy. I'm going to select two for availability zones and public subnets and 0 for private subnets, NAT gateway, and VPC endpoint. Hit create VPC then wait for your VPC workflow to complete.
Confirm that you see two public subnets, one public route table, and one internet gateway. Click on security groups then hit create.
Give your Security Group a name and description, select the project VPC, then hit create. Edit the inbound rules and add a rule for all traffic coming from within this Security Group then hit save. Next, navigate to the RDS service then click on create database.
Here, I'm going to select standard create for MySQL and the free tier for the template. Enter an instance identifier, master username, and master password then select an instance class. For storage, I'm going to select 20 gigs and disable auto-scaling.
For VPC, I'm going to select project VPC and the security group that we just created. I'm going to select password authentication and disable backups and encryption. Hit create database then give it a few minutes to launch.
Next, let's navigate to the Lambda service then hit create function. Give your function a name and select Python as your runtime. Expand the advanced settings section and enable VPC.
Select project VPC, both public subnets, and my RDS Security Group then hit create. Note, you must attach a VPC to your Lambda function to be able to access the RDS proxy. Next, let's grab our database endpoint and add it to our Lambda function.
I'm also going to add my username and password and then save it. The Lambda function and its dependencies are in a zip file and uploaded to the Lambda console. In my Lambda function, I'm connecting to my database then executing a select query then printing the results on the console.
Click on the test button. Give your test event a name then hit save. Hit the test button again to execute your Lambda function. As you can see, the output of the select query was successfully printed on the console.
Let's head back to the RDS dashboard then click on proxies. Hit the create proxy button then give it a name. Select database 1 in the target group configuration then click on create a new Secret.
Enter the same username and password from your RDS database then select your DB instance and hit next. Give your secret a name, configure automatic rotation, then hit store. Go back to the RDS tab, hit the refresh button then choose test Secret.
Expand the additional connectivity configuration and choose my RDS Security Group then hit create. Go inside your test proxy and grab the proxy endpoint. Go back to your Lambda function and replace the RDS endpoint with your proxy endpoint.
Hit deploy then click on the test button. The reason we are getting an error is that the RDS proxy is still not ready. Give it a few minutes and when the proxy is ready, hit the test button again.
As you can see, now we're seeing the expected output. Note, the best practice is to get credentials from Secrets Manager instead of hard-coding them in your Lambda function. There you have it.
Make sure you like, subscribe, and turn on the notification bell. Until next time.
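The closing note in the transcript recommends reading credentials from Secrets Manager rather than hard-coding them; the following is an added example of that pattern and is not the code shown in the video. It assumes the `pymysql` driver is in the deployment zip and uses two hypothetical environment variables, `DB_SECRET_ID` and `PROXY_ENDPOINT`; the sample secret used to exercise it is constructed.

```python
import json
import os

REQUIRED_KEYS = ("username", "password")
SECRET_CACHE = {}  # reused across warm invocations of the same execution environment


def build_db_config(secret_string, proxy_endpoint):
    """Turn a Secrets Manager SecretString into connection kwargs aimed at the proxy."""
    secret = json.loads(secret_string)
    missing = [k for k in REQUIRED_KEYS if not secret.get(k)]
    if missing:
        raise ValueError("secret is missing keys: " + ", ".join(missing))
    return {
        # The secret's own "host" is the DB instance; connect to the proxy instead.
        "host": proxy_endpoint,
        "port": int(secret.get("port", 3306)),
        "user": secret["username"],
        "password": secret["password"],
        "database": secret.get("dbname"),
    }


def get_db_config(secret_id, proxy_endpoint, client=None):
    """Fetch the secret once per execution environment; `client` is injectable for tests."""
    if secret_id not in SECRET_CACHE:
        if client is None:
            import boto3  # provided by the Lambda Python runtime
            client = boto3.client("secretsmanager")
        resp = client.get_secret_value(SecretId=secret_id)
        SECRET_CACHE[secret_id] = build_db_config(resp["SecretString"], proxy_endpoint)
    return SECRET_CACHE[secret_id]


def lambda_handler(event, context):
    import pymysql  # assumption: bundled in the deployment zip
    secret_id = os.environ["DB_SECRET_ID"]        # hypothetical variable name
    proxy = os.environ["PROXY_ENDPOINT"]          # hypothetical variable name
    try:
        conn = pymysql.connect(connect_timeout=5, **get_db_config(secret_id, proxy))
    except pymysql.err.OperationalError:
        # Credentials may have been rotated: drop the cached copy so the
        # next invocation fetches the current secret version.
        SECRET_CACHE.pop(secret_id, None)
        raise
    try:
        with conn.cursor() as cur:
            cur.execute("SELECT 1")
            return {"rows": [list(r) for r in cur.fetchall()]}
    finally:
        conn.close()
```

The function's execution role needs `secretsmanager:GetSecretValue` on the secret, and a VPC-attached function needs a network path to the Secrets Manager API (an interface VPC endpoint or a NAT gateway).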
Video: How To: RDS Proxy From Lambda Function In AWS (5 Min) | Secrets Manager, uploaded to the channel Gokce DB on 12 October 2022. This video has been viewed 8,287 times and liked by 76 visitors.