How do I access AWS Elasticache through Amplify Lambda functions

[mintavenger]

Before opening, please confirm:

• [X] I have checked to see if my question is addressed in the FAQ.
• [X] I have searched for duplicate or closed issues.
• [X] I have read the guide for submitting questions.
• [X] I have removed any sensitive information from my code snippets and submission.

App Id

arn:aws:amplify:us-east-1:416605442945:apps/d2f4v5hvutyl8x

AWS Region

us-east-1

Amplify Hosting feature

Service role

Question

Our Next.Js hosted on Amplify current uses Upstash for Redis. We would like to use AWS Elasticache, but there doesn't seem to be any way to connect a Redis instance. After creating the redis cluster we don't have a way for the Amplify controlled lambdas to get access to Redis. Is there a way to use AWS Elasticache (Redis) with AWS Amplify?

We did see documentation for S3 and for DynamoDB so we were hoping other services could be supported.

[nadetastic]

Hi @mintavenger thank you for opening this issue. To clarify when you mention "Functions" are you referring to the function you generate with the cli command amplify add function?

[mintavenger]

Hi @nadetastic, thanks for getting back to me. I'm referring to the generated Lambda functions created from the pages/api NextJS routes (pages). Does that make sense? I want to swap out Upstash with AWS Elasticache (redis) but the lambda functions generated don't seem to have permission to access the VPC of the AWS Elasticache.

info  - Collecting page data
info  - Generating static pages (72/72)
info  - Finalizing page optimization

Route (pages)                                                                  Size     First Load JS
┌ ○ /                                                                          10.2 kB         911 kB
├   /_app                                                                      0 B             879 kB
├ λ /api/addWallet                                                             0 B             879 kB
├ λ /api/allowlist/[allowlistId]/collabs                                       0 B             879 kB
├ λ /api/allowlist/calendar                                                    0 B             879 kB

[nadetastic]

Thanks for confirming @mintavenger. Currently, support for automatic VPC access isn't provided to the Compute Lambda functions or Amplify apps in general, and is something that is being tracked on this issue https://github.com/aws-amplify/amplify-hosting/issues/794

As a work around, you could look into using a proxy between your app (api route) and ElastiCache.

api route => proxy => ElastiCache

However I strongly recommend that you look into this thoroughly if you have any security concerns or are running ElastiCache in a private subnet.

• Amazon VPCs and ElastiCache security

[mintavenger]

Hi @nadetastic you mentioned no support for automatic VPC access. Is there a way to manually allow Amplify to access a ElastiCache cluster (i.e., could it be done via CDK)? Doing the API -> proxy -> Elasticache would have pretty high latency. Since the lambdas are already running within AWS stack, any workarounds to make it happen? If not, I totally get it and will continue to use Upstash for Redis.