AWS Lambda now supports AWS PrivateLink
AWS Lambda now supports AWS PrivateLink. With this feature you can manage and invoke Lambda functions from your Virtual Private Cloud (VPC) without exposing your traffic to the public internet. PrivateLink provides private connectivity between your VPCs and AWS services, like Lambda, on the private AWS network.
With PrivateLink, you can provision and use VPC endpoints to access the Lambda API from your VPC. VPC endpoints deliver reliable connectivity to Lambda without requiring Internet Gateway, Network Address Translation (NAT) devices, or firewall proxies. You can attach AWS Identity and Access Management (IAM) policies to your VPC endpoint to control who can use the VPC endpoint and which functions can be accessed from that VPC endpoint.
Lambda supports PrivateLink in the following regions: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Hong Kong), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), China (Beijing), China (Ningxia), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Middle East (Bahrain), South America (São Paulo), AWS GovCloud (US-East), AWS GovCloud (US-West). For more information, see the AWS Region table. Please refer to PrivateLink Pricing for price of using VPC endpoints. You can get started by creating a VPC endpoint for Lambda using AWS Management Console, AWS CLI, or AWS CloudFormation. To learn more, visit Lambda developer guide.