Sometimes our customers using AWS report to us that their AWS Lambda function receives connection timeout errors when it tries to access an Amazon Relational Database Service (Amazon RDS) DB instance.
Are you trying to troubleshoot Lambda RDS connection timed out in AWS? We can help you.
How to troubleshoot Lambda RDS connection timed out?
Here, we will see the methods you can follow to check both intermittent and consistent connection timeouts.
1. Troubleshoot intermittent and transient connection timeout errors
As a first step, we must do the following when we receive intermittent and transient connection timeout errors.
Check for DNS errors
- We must check and confirm whether there are any Domain Name System (DNS)-related errors.
- If there are DNS errors, we must retry the DNS request using exponential backoff.
- Before retrying the DNS request, we must ensure that we are able to resolve the inbound and outbound endpoints.
2. Troubleshoot consistent connection timeout errors
As a first step, we must do the following when we receive consistent connection timeout errors.
i. Check the Lambda function's Amazon CloudWatch Logs
We must grant CloudWatch logging permissions to our Lambda function if they are not given already.
Then, review the function's logs to identify specific connection timeout errors.
ii. Check the VPC configuration
For Private Databases: We can do either of the following:
- Keep the Lambda function in the same Amazon Virtual Private Cloud (Amazon VPC) as the database.
- Create a VPC peering connection between the Amazon VPC that includes the function and the Amazon VPC that includes the database.
For Public Databases: Route public traffic through a network address translation (NAT) gateway or NAT instance for functions in an Amazon VPC.
iii. Check the security group rules
For Private Databases:
We can add an inbound rule to the DB security group that allows traffic from the CIDR range of the VPC's subnets or security group.
For Public Databases:
We can add an inbound rule to the DB security group that allows traffic from the NAT gateway or NAT instance of the VPC.
iv. Update the Lambda function handler
We can try updating the Lambda function code so that the function opens the database connection outside of the function handler and doesn't close the connection.
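The DNS retry with exponential backoff from section 1 and the handler change described above, combined in one added example (not code from the original article). It assumes a Python function; `connect`, `ping()`, `make_handler` and the host and port passed in are hypothetical, and retrying only `EAI_AGAIN` is this example's own choice.

```python
import random
import socket
import time

RETRYABLE = (socket.EAI_AGAIN,)  # temporary resolver failure; "no such host" is not retried

def resolve_with_backoff(host, port, attempts=5, base=0.2, cap=5.0,
                         resolver=socket.getaddrinfo, sleep=time.sleep):
    """Resolve host:port, retrying transient DNS errors with capped
    exponential backoff and full jitter. Returns sorted unique addresses."""
    for attempt in range(attempts):
        try:
            infos = resolver(host, port, type=socket.SOCK_STREAM)
            return sorted({info[4][0] for info in infos})
        except socket.gaierror as exc:
            if exc.errno not in RETRYABLE or attempt == attempts - 1:
                raise  # permanent error or retries exhausted
            sleep(random.uniform(0, min(cap, base * 2 ** attempt)))

_conn = None  # module scope: reused by later invocations in the same execution environment

def get_connection(connect, host, port, **dns_opts):
    """Return the cached connection, reconnecting only if it no longer answers.
    `connect` is a hypothetical factory wrapping the DB driver; the object it
    returns is assumed to expose ping(), which raises on a dead connection."""
    global _conn
    if _conn is not None:
        try:
            _conn.ping()
            return _conn
        except Exception:
            _conn = None  # stale connection: fall through and reconnect
    resolve_with_backoff(host, port, **dns_opts)  # surface DNS failures before connecting
    _conn = connect(host=host, port=port, connect_timeout=5)
    return _conn

def make_handler(connect, host, port, **dns_opts):
    """Build a Lambda handler that never opens or closes the connection itself."""
    def handler(event, context):
        conn = get_connection(connect, host, port, **dns_opts)
        conn.ping()  # stand-in for the function's real queries
        return {"status": "ok"}
    return handler
```

A DNS error raised here appears in the function's CloudWatch Logs as a `socket.gaierror`, which separates name-resolution failures from the VPC and security group causes covered in the other steps.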
v. Connect using an EC2 instance
- First, try connecting to an Amazon Elastic Compute Cloud (Amazon EC2) instance with the same Amazon VPC configuration as the Lambda function.
- Then, try connecting to the Amazon RDS DB instance from the EC2 instance.
vi. Use Amazon RDS Proxy
We can create an Amazon Relational Database Service (Amazon RDS) Proxy endpoint for the RDS database to handle the database traffic from the Lambda function.