Connect timeout from AWS lambda to AWS codepipeline

Question

I am trying to trigger code pipeline from lambda using below link got the lambda python code as well.

https://aws.amazon.com/blogs/devops/adding-custom-logic-to-aws-codepipeline-with-aws-lambda-and-amazon-cloudwatch-events/

But somehow while running i am getting exception as Connect timeout on endpoint URL "https://codepipeline.ap-southeast-2.amazonaws.com/"

I have opened all traffic using security group attached to lambda.

Please suggest what else to check here.

Thanks Sharad

Answer 1

You are running your Lambda function in a VPC (as evidenced by the fact that you said it has a security group attached). A Lambda function in a VPC cannot access anything outside the VPC without a route to a NAT Gateway. A Lambda function in a VPC never gets a public IP assigned to it, so it can never use a VPC Internet Gateway directly. Thus to access anything outside your VPC, such as the AWS API to trigger a CodePipeline run, the Lambda function needs to be deployed only in subnets of your VPC that have a route to a NAT Gateway.

The alternative would be to add a VPC Endpoint for the specific AWS Service you want to access.