Posted On: Oct 20, 2020
Amazon Lambda now supports Amazon PrivateLink. With this feature you can manage and invoke Lambda functions from your Virtual Private Cloud (VPC) without exposing your traffic to the public internet. PrivateLink provides private connectivity between your VPCs and Amazon Web Services services, like Lambda, on the private Amazon Web Services network.
With PrivateLink, you can provision and use VPC endpoints to access the Lambda API from your VPC. VPC endpoints deliver reliable connectivity to Lambda without requiring Internet Gateway, Network Address Translation (NAT) devices, or firewall proxies. You can attach Amazon Identity and Access Management (IAM) policies to your VPC endpoint to control who can use the VPC endpoint and which functions can be accessed from that VPC endpoint.
Lambda supports PrivateLink in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. Please refer to PrivateLink Pricing for price of using VPC endpoints. You can get started by creating a VPC endpoint for Lambda using Amazon Web Services Management Console, Amazon CLI, or Amazon CloudFormation. To learn more, visit Lambda developer guide.