15

I have this simple describe instances function that I'm trying to run in nodejs via AWS Lambda: 

var AWS = require('aws-sdk');
AWS.config.region = 'us-east-1';

exports.handler = function(event, context) {
    console.log("\n\nLoading handler\n\n");
    var ec2 = new AWS.EC2();
    ec2.describeInstances(function(err, data) {
        console.log("\nIn describe instances:\n");
      if (err) {
        console.log(err, err.stack); 
        context.done(null, 'Function Finished from error!');  // an error occurred
      }else {   
        console.log("\n\n" + data + "\n\n");
        context.done(null, 'Function Finished with data!');   // successful response 
      }
    });
};

This does not return me any errors the only output in CloudWatch is this: 

2016-03-21T17:01:59.085Z xxxxxxx-xx.... Task timed out after 3.00 seconds

Anyone have any idea what could be the problem?

Jedi
  • 3,088
  • 2
  • 28
  • 47
Tomas
  • 1,131
  • 2
  • 12
  • 25
  • 1
    Did you enable VPC access for your Lambda function? – Mark B Mar 21 '16 at 17:17
  • @MarkB yes I have selected VPC, subnets and security groups – Tomas Mar 21 '16 at 17:26
  • If you increase the timeout, it still times out? – Vsevolod Goloviznin Mar 21 '16 at 17:38
  • 1
    Does your VPC have a NAT gateway? If it doesn't, then your Lambda function with VPC access won't be able to access anything outside the VPC, including the AWS API. – Mark B Mar 21 '16 at 17:42
  • @MarkB this might be the issue.. I need to learn about NAT gateway first to see what I can do about that, thanks for pointing me to the right direction – Tomas Mar 21 '16 at 17:55
  • Make sure you have `AmazonEC2ReadOnlyAccess` minimum for permissions, too. – iSkore Mar 21 '16 at 18:01
  • 2
    If it was a permissions issue there would be an error message, not a timeout. This is most likely a network configuration issue. – Mark B Mar 21 '16 at 18:35
  • I'm having the same issue. I'm not sure what the matter is and the functoin call didn't even timeout when the lambda function timeout was increased to 5 minutes. @Thomas, if you figure it out, please update us. – Randy Mar 22 '16 at 00:26
  • @MarkB I've done some more research on this, and may I ask why is it that I have to use NAT gateway as all I'm doing is trying to connect to aws from inside the vpc, doesn't aws has its api open from the inside? Like is there a way just to use router as displayed in this picture? http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/images/nat-gateway-diagram.png – Tomas Mar 22 '16 at 12:04
  • 3
    @Tomas no sorry, they can't "open from the inside". That's not how VPC networking works. – Mark B Mar 22 '16 at 13:39
  • Just follow the instructions on this answer: http://stackoverflow.com/a/35463391/624109 – Muzikant Mar 23 '16 at 19:02
  • Solved this by setting up NAT gateway – Tomas May 25 '16 at 14:52

3 Answers3

11

I also faced same issue.. I increased timeout( Lambda --> Configuration --> Advanced Settings) from 3 seconds to 5 seconds and it worked fine.

Deepak Singhal
  • 10,568
  • 11
  • 59
  • 98
  • 1
    Another approach is to increase the memory config and set the timeout time to 30 seconds. Then run the test, it will show how long it needs. – Max Peng Nov 04 '16 at 03:57
3

Check this: https://medium.com/@philippholly/aws-lambda-enable-outgoing-internet-access-within-vpc-8dd250e11e12#.2sdn5oyd1

If you are in VPC, you can't access Internet anymore!

You should configure NAT to enable outgoing internet access in lambda.

Seung gi Lim
  • 46
  • 1
  • 5
    Please don't give link-only answers. You should always include the (minimal) neccessary step for a solution in the body of your answer. Link can go down and then your answer becomes useless. So just quote the needed steps and give credit where credit is due. – morten.c Mar 05 '17 at 16:12
2

Make sure the execution role has EC2 permissions and try using:

context.fail() or context.succeed()

vs

context.done()

jp_inc
  • 345
  • 4
  • 14