tl;dr - When I run a local Lambda does it try to connect to remote RDS using the values from Secrets Manager (host for instance is a remote URL)? Expectation was that everything was emulated in Docker including remote endpoints for RDS, am I wrong? Also, how can I use a local Lambda Layer for rapid development instead of having to upload a new Lambda Layer and then it being cached locally?
Hi, I am trying to test my Lambda's locally to speed up development, I see that the Docker container is downloaded and up to date when I run. The Lambda starts off great by getting the DB connection details from Secrets Manager, but then things fall apart...
Secrets Manager includes the username/password and connection details (host, port, etc.) for connecting to RDS. When I try to use these values locally I receive the 'connection refused' error, this leads me to believe that my local Lambda may be trying to connect to the remote endpoint provided by Secrets Manager. My RDS is configured in a VPC meaning that I won't be able to connect locally to it.
My expectation was that because I'm running in Docker, remote endpoints would be emulated and using the 'host' value from Secrets Manager would be fine. However, I suspect that I have to change my endpoints locally to obtain a successful connection because my RDS is hosted in a VPC and doesn't allow external connections.
Can someone please help me understand how to locally test Lambda's without the risk that I have to change my endpoints and remember to update them when I publish my Lambda's to the cloud?
Lastly, I am using Lambda Layers and I notice that they are cached from the cloud, this makes updating the Layer tedious because I have to upload it to the cloud each time, instead of using a local version. My expectation was that I could overwrite the cloud version with a local version to speed up development and eliminate uploading the Lambda Layer each time it changes (which requires a new version number and updating all dependencies in my code each time). Thoughts?
Thank you!!
This is incorrect.
As per docs, the Lambda runtime interface emulator is 'a lightweight web server that converts HTTP requests into JSON events to pass to the Lambda function in the container image'.
It doesn't emulate all AWS related functionality locally - take a look at Localstack that will allow you to 'run' (emulate) secrets manager locally. As for your RDS database, that can just be run locally in Docker based on the DB engine e.g.
postgres.