For the following question, adding a NAT GW is indicated as a correct option. However, the question says the function worked before (ie, NAT was present already), and has stopped working after DB interaction was added. Please clarify.
A serverless application is using a Lambda function which fetches data from a public REST API as part of its processing. There is a new requirement to configure the function to store the results to a database hosted in a virtual private cloud (VPC) in your account. You have provided the additional VPC-specific configuration information which includes the subnet IDs and security group IDs. However, your function had stopped working and could not complete the processing after your change.
Which of the following should you do to fix this issue? (Choose 2)
Take note that it is a common misconception that the “NAT was present already” simply because the Lambda function is working properly.
Please refer to the AWS documentation below:
By default, Lambda runs your functions in a secure VPC with access to AWS services and the internet. The VPC is owned by Lambda and does not connect to your account’s default VPC. When you connect a function to a VPC in your account, it does not have access to the internet unless your VPC provides access.