Error: connect ETIMEDOUT rds lambda

node.js aws-lambda amazon-rds
user1042327 picture user1042327 · Mar 9, 2016 · Viewed 13.3k times · Source

I am trying to connect to RDS using Lambda function, but I am getting an error:

var mysql = require('mysql');
exports.handler = function(event, context) {   
           //Connect to RDS

var connection = mysql.createConnection({
host     : 'hostname',
user     : 'username',
password : 'password',
database : 'database'

});

connection.connect( function(err)
{
   if (err)
   { 
     throw err;
   }
else 
  {
    console.log('DB connection establish');
  }
  });

 };

The error I am getting is: 

START RequestId: 9711e650-e582-11e5-af5f-97ba391a42ae Version: $LATEST

2016-03-08T23:08:06.737Z    9711e650-e582-11e5-af5f-97ba391a42ae    
Error: connect ETIMEDOUT  
  at Connection._handleConnectTimeout (/var/task/node_modules/mysql/lib/Connection.js:412:13)       
      at Socket.g (events.js:180:16)   
    at Socket.emit (events.js:92:17)   
    at Socket._onTimeout (net.js:327:8)     
    at _makeTimerTimeout (timers.js:429:11)   
    at Timer.unrefTimeout [as ontimeout] (timers.js:493:5)    
    --------------------
    at Protocol._enqueue (/var/task/node_modules/mysql/lib/protocol   /Protocol.js:141:48)    
    at Protocol.handshake (/var/task/node_modules/mysql/lib/protocol    /Protocol.js:52:41)      
    at Connection.connect (/var/task/node_modules/mysql     /lib/Connection.js:123:18)     
    at exports.handler (/var/task/exports.js:21:12)     
END RequestId: 9711e650-e582-11e5-af5f-97ba391a42ae        
REPORT RequestId: 9711e650-e582-11e5-af5f-97ba391a42ae  
Duration: 10988.17ms    
Process exited before completing request

Answer

ajmcgarry picture ajmcgarry · Feb 16, 2017

I had the same problem as this and just got it fixed. Seeing as this is the top search result for this problem on stackoverflow, I am going to post my solution here.

This answer is for an RDS instance inside a VPC

  1. place the Lambda function in the same VPC as your RDS instance

  2. your lambda execution role you will need to have VPC execution policy AWSLambdaVPCAccessExecutionRole

  3. assign a security group to the lambda function

  4. In the security attached to the RDS instance, add an inbound rule for mysql/aurora (port 3306) and rather than adding it for an IP address add it for your lambda functions security group.

In summary this places the lambda in the same VPC as RDS and gives the lambda function inbound access to MYSQL regardless of the IP of the lambda function.

Related questions

Can an AWS Lambda function call another

I have 2 Lambda functions - one that produces a quote and one that turns a quote into an order. I'd like the Order lambda function to call the Quote function to regenerate the quote, rather than just receive it from …

Read More
Why is this HTTP request not working on AWS Lambda?

I'm getting started with AWS Lambda and I'm trying to request an external service from my handler function. According to this answer, HTTP requests should work just fine, and I haven't found any documentation that says otherwise. (In fact, people …

Read More
Nodejs - Invoke an AWS.Lambda function from within another lambda function

I have the following function which I use to invoke a Lambda function from within my code. However when I try to use it within a Lambda function, I get the following error: AWS lambda undefined 0.27s 3 retries] invoke({ FunctionName: …

Read More