
I am using MongoDB Atlas and AWS Lambda. My backend Lambdas are written in Python and I am using pymongo[aws] to connect to my cluster.

I have set up peering to allow connectivity only from inside my VPC.

When I run queries such as `col.find`, `col.update_one`, ... they work fine, but when I call `delete_one` it times out.

Inside the VPC the Lambda has no internet access, but I didn't think it would be required for deletion...

Unless I am completely wrong, why does `delete_one` time out in my configuration?

EDIT:

The AWS Lambda contains 5 queries including `update_one`, `find` and `delete_one`.

Only the `delete_one` from this same Lambda is timing out. Also, if I simply remove the Lambda from the VPC, the `delete_one` works again.

I am adding the link to my case in the MongoDB community, which was linked to connectivity using AWS credentials, but I have fixed this and at the end I am asking about the issue with the `delete_one`.

Tom3652
  • If you can make a network connection for other commands, then this is not a network issue. Are you sure the database user account Lambda is using has delete privileges? – Mark B Apr 28 '23 at 17:32
  • Thanks for your comment @MarkB, I have just double-checked and I do indeed have the privilege granted: I have "find, insert, update, remove" privileges. – Tom3652 Apr 29 '23 at 08:57
  • I am suggesting this is a network issue because if I remove my Lambda from the VPC it works fine with the same configuration. But as soon as I put my Lambda in my VPC, the delete does not work. – Tom3652 Apr 29 '23 at 09:04
  • Is the Lambda doing the delete the same Lambda that is doing the other queries and stuff? Or is this Lambda only doing deletes? I'm trying to understand how the specific MongoDB commands are in any way related to the network connection. – Mark B Apr 29 '23 at 12:24
  • Inside the Lambda, there are various commands including `update_one`, `find`, `delete_one`. It's not an isolated Lambda that has no reachability. Also, I have tested other routes (I am using API Gateway) that call the same Lambda with different queries to actually see if the Lambda was the issue, but all queries except the `delete_one` from this Lambda are working fine. – Tom3652 Apr 29 '23 at 13:02
  • Then it makes no sense how one piece of code inside this Lambda function would encounter a networking issue connecting to the database, while the other ones don't. There has to be something else going on. – Mark B Apr 29 '23 at 13:04
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/253385/discussion-between-tom3652-and-mark-b). – Tom3652 Apr 29 '23 at 13:05
  • Could you craft a simplistic Lambda that reproduces the issue? I agree with Mark B that it's a bit of a mystery if the same code with the same credentials works fine outside Lambda. If there is nothing obviously wrong with the code, it would require debugging with a potentially custom Lambda layer to capture network traffic and a self-hosted mongo to do the same on the DB side. It's more likely than not that the clue can be spotted by static code analysis, so please give us the code to review. – Alex Blex Apr 30 '23 at 23:42
  • You are right, I will try to investigate and debug it with a minimal Lambda and environment, and will update here once I have leads. – Tom3652 May 01 '23 at 10:28

1 Answer

It was a silly mistake: I had not seen a nested method that was waiting for a response from another service on the internet; the `delete_one` is not the cause at all. I spotted this by trying the `delete_one` on a minimalist Lambda function, where it was working.

To fix the issue, I have set up a NAT Gateway to route my traffic to the internet from my private VPC by using some public subnets.

The communication between my AWS Lambda and my MongoDB Atlas cluster still goes over peering and on private subnets.

Tom3652
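
A per-dependency connectivity probe of the kind that exposes a hidden internet call like the one described in the answer. This is an added example, not code from the original post; the hostnames in `DEPENDENCIES` are hypothetical placeholders for whatever hosts the handler and its nested helpers actually contact.

```python
import socket
import time


def probe(host, port, timeout=2.0):
    """Attempt one TCP connect with a short timeout and classify the outcome."""
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            status = "reachable"
    except socket.timeout:
        # Packets silently dropped: the symptom of a private subnet with no
        # NAT gateway or VPC endpoint on the path to this host.
        status = "timeout"
    except socket.gaierror:
        status = "dns_failure"
    except ConnectionRefusedError:
        # The route works, but nothing is listening on that port.
        status = "refused"
    except OSError:
        status = "unreachable"
    elapsed = round(time.monotonic() - start, 3)
    return {"host": host, "port": port, "status": status, "seconds": elapsed}


def check_egress(targets, timeout=2.0):
    """Probe every (host, port) pair the function depends on."""
    return [probe(host, port, timeout) for host, port in targets]


def blocked(results):
    """Return only the dependencies that could not be reached."""
    return [r for r in results if r["status"] != "reachable"]


# Hypothetical dependency list (assumption): the database reached over VPC
# peering plus an internet-hosted service called from a nested method.
DEPENDENCIES = [("db.example.com", 27017), ("api.example.com", 443)]


def lambda_handler(event, context):
    # Temporary diagnostic handler: deploy it in the same VPC, subnets and
    # security groups as the real function and read the result.
    results = check_egress(DEPENDENCIES)
    return {"blocked": blocked(results), "results": results}
```

A `timeout` on an internet host alongside `reachable` for the peered database shows that the function needs a NAT gateway or a VPC endpoint for that dependency, and that the database path is not the problem.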