Can Lambda access Elasticsearch within the same VPC?

大兔子大兔子 submitted on 2020-01-07 09:02:25

Question


Within the same VPC, can Lambda access Elasticsearch without applying an IAM role? Is this possible?


Answer 1:


You need to provide an IAM role for a lambda function and provide the IAM role access to ES.




Answer 2:


If your Lambda runs within a VPC, you can configure the ElasticSearch access policy to an IP-based policy.

AWS does provide samples for various kinds of access policies.

IP based access policy




Answer 3:


You will want to configure two Security Groups:

  • Configure the Lambda function to use the VPC.
  • Create a Lambda Security Group (Lambda-SG) and configure the Lambda function to use it.
  • Create an ElasticSearch Security Group (ES-SG) and configure ElasticSearch to use it.
  • In ES-SG, add a rule to permit inbound connections from Lambda-SG on port 9300 (or whatever port your ES is using).

That is, ES-SG should refer to Lambda-SG to permit inbound connections.
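
The rule described in Answer 3 can be verified after it is configured. The following is an added example, not part of the original answers: it audits security-group data shaped like the output of EC2 DescribeSecurityGroups and reports whether ES-SG admits the port only by reference to Lambda-SG. The group IDs, the VPC CIDR and the function names are constructed for illustration.

```python
# Added example: audit security-group data shaped like EC2 DescribeSecurityGroups output.
# Group IDs, CIDR and rules below are constructed sample values, not from the original page.

def covers_port(perm, port):
    """True if an IpPermissions entry covers the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit_es_ingress(es_sg, lambda_sg_id, port):
    """Report how ES-SG admits traffic on `port`: by SG reference and/or by CIDR."""
    result = {"allows_lambda_sg": False, "other_sgs": [], "cidrs": []}
    for perm in es_sg.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] == lambda_sg_id:
                result["allows_lambda_sg"] = True
            else:
                result["other_sgs"].append(pair["GroupId"])
        result["cidrs"] += [r["CidrIp"] for r in perm.get("IpRanges", [])]
    # Least privilege: reachable from Lambda-SG and from nothing else.
    result["least_privilege"] = (result["allows_lambda_sg"]
                                 and not result["other_sgs"] and not result["cidrs"])
    return result

LAMBDA_SG = "sg-0aaaaaaaaaaaaaaaa"   # constructed ID for Lambda-SG
ES_PORT = 9300                        # port named in the answer; use your domain's port

# ES-SG as the answer describes it: one inbound rule that refers to Lambda-SG.
ES_SG_GOOD = {"GroupId": "sg-0bbbbbbbbbbbbbbbb", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 9300, "ToPort": 9300,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": LAMBDA_SG}]}]}

# A looser variant: the same port is also opened to the whole VPC CIDR.
ES_SG_LOOSE = {"GroupId": "sg-0cccccccccccccccc", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 9300, "ToPort": 9300,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
     "UserIdGroupPairs": [{"GroupId": LAMBDA_SG}]}]}

if __name__ == "__main__":
    for sg in (ES_SG_GOOD, ES_SG_LOOSE):
        print(sg["GroupId"], audit_es_ingress(sg, LAMBDA_SG, ES_PORT))
```

In practice the dictionaries would come from a DescribeSecurityGroups call for the ES-SG group rather than from inline samples.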



Source: https://stackoverflow.com/questions/53955126/if-lambda-can-access-the-elasticsearch-with-in-same-vpc
