Running queries on RDS Aurora from AWS Lambda

You can find the relevant set of steps for accessing your Amazon Aurora instance using Lambda in the following documentation:

[+] Tutorial: Configuring a Lambda Function to Access Amazon RDS in an Amazon VPC – https://docs.aws.amazon.com/lambda/latest/dg/vpc-rds.html

I also carried out a test for connecting to my Aurora instance from Lambda. Following are the steps taken by me in order to achieve the same:

Create an Aurora Cluster and connect to the Writer instance using cluster endpoint. Create sample database and table. (Make sure you have correct set of source IP address given in the Security group of the instance for allowing successful connection. )

Now coming to creating a Lambda function to access the Aurora instance:


Creating Role

To start with, we first need to create an execution role that gives your lambda function permission to access AWS resources. 

Please follow the to create an execution role:

1. Open the roles page in the IAM console: https://console.aws.amazon.com/iam/home#/role
2. Choose Roles from the left dashboard and select Create role.
3. Under the tab “Choose the service that will use this role” select Lambda and then Next:Permissions
4. Search for “AWSLambdaVPCAccessExecutionRole”. Select this and then Next:Tags
5. Provide a Tag and then a Role Name (ex. lambda-vpc-role) and then Create Role.

The AWSLambdaVPCAccessExecutionRole has the permissions that the function needs to manage network connections to a VPC. 


Creating Lambda Function

Please follow the below steps to create a Lambda function:

1. Open the Lambda Management Console : https://console.aws.amazon.com/lambda
2. Choose Create a function
3. Choose In Author from scratch, and then do the following: 
    * In Name*, specify your Lambda function name.
    * In Runtime*, choose Python 2.7.
    * In Execution Role*, choose “Use an existing role”.
    * In Role name*, enter a name for your role which was previously created “lambda-vpc-role”.
4. Choose create function.
5. Once you have created the lambda function, navigate to the function page .
6. In the function page, Under Networks Section do the following.
    * In VPC, choose default VPC
    * In Subnets*, choose any two subnets
    * In Security Groups*, choose the default security group
7. Click on Save

Setting up Lambda Deployment Environment

Next you will need to set up a deployment environment to deploy a python code that connects to the RDS database.
To connect to a Aurora using Python you will need to import pymysql module. Hence we need to install dependencies with Pip and create a deployment package. In your local console please execute these commands in your local environment. 

1. Creating a local directory which will be the deployment package:
$ mkdir rds_lambda;

$ cd rds_lambda/

$ pwd
/Users/user/rds_lambda

2. Install pymysql module 
$ pip install pymysql -t /Users/user/rds_lambda

By executing the above command you will install the pymysql module in your current directory

3. Next create a python file which contain the code to connect to the RDS instance:
$sudo nano connectdb.py

I have attached the file “connectdb.py” which has the  Python code to connect to the RDS instance.

4. Next we need to zip current directory and upload it to the lambda function.
$ zip -r rds_lambda.zip `ls` 

The above command creates a zip file “rds_lambda.zip” which we will need to upload to the lambda function.
Navigate to the newly created lambda function Console page :

1. In the Function Code section -> Code Entry Type -> From the drop down select upload a zip file
2. Browse the zip file from the local directory 
3. Next you in the Function Code Section you will have to change the Handler to pythonfilename.function (ex. connectdb.main).
4. Click Save.
5. Next you will need to Add  the security group of the Lambda Function in your RDS Security group.
6. After that test the connection, by creating a test event.

If you see that the execution successful then the connection has been made.

You may also go through the below video link which will give a detailed explanation on how to connect to an RDS instance using a lambda function
[+]https://www.youtube.com/watch?v=-CoL5oN1RzQ&vl=en

Followed by successfully establishing the connection, you can modify the python file to query databases inside the Aurora instance.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s