Not all the Oracle Instant Client files are needed. From this older npm module to automate the packaging of the required libraries, I used this same list of required libraries:
libons.so (not packaged in current Instant Client)
libaio.so (from separate download - see next step)
libaio – if you’re on a Linux platform you can ‘apt-get install libaio’ or similar, but building my Lambda on a Mac I had to manually download the package and extract just the .so file from here (download the Arch Linux x64 package): https://pkgs.org/download/libaio
Put these in a /lib dir and zip up the folder and files. Use this to create a Lambda Layer.
For the Lambda itself install the node.js module for the api:
For a Lambda to access an AWS RDS database instance, it needs to be in the same VPC as the RDS instance. However, if you haven’t created and assigned a role with persmissions for the Lambda to access the VPC, you’ll see this error when creating your Lambda:
To fix this per steps in the tutorial here, create a role with permission ‘AWSLambdaVPCAccessExecutionRole’.
I’ve created an RDS Oracle instance and I want to connect to it from an EC2 instance. I created both in the same VPC.
By default, even though they’re in the same VPC, the EC2 will not be able to connect to the Oracle instance because you still need to configure the Security Group to allow inbound traffic.
Let’s summarize the setup like this – both are in VPC1:
EC2 : Security Group SG-111
RDS Oracle instance: Security Group SG-222
Edit SG-222 for the Oracle instance, and add an inbound rule. Instead of adding a CIDR block range, start typing SG-111… and it will list matching SGs with that id – click to select the id for Security Group associated to the EC2. You’ve now allowed inbound traffic to your RDS Oracle instance from the EC2.