
Accessing AWS Pinpoint in Lambda from Behind VPC


My goal is to send an SMS message through AWS Pinpoint using NodeJS and the AWS Pinpoint Gateway from behind a VPC. The code I am using works well on my local machine and in SAM where there are no VPC restrictions. I added an SNS and SMS VPC endpoint with security groups that give me access to each service individually. I can send an SMS using the aws-sdk SNS service.

I cannot seem to get Lambda to use Pinpoint to send an SMS message. Is this possible? I cannot seem to find ports for the Pinpoint service? Is it possible to avoid exposing internet access to the VPN to send messages through AWS Pinpoint?

Role: Assigned All Pinpoint roles, SMS and SNS permissions for testing.

Message Configuration:

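    const AWS = require("aws-sdk");
    AWS.config.update({region: process.env.SMS_REGION});
    const PINPOINT = new AWS.Pinpoint({apiVersion: '2016-12-01'});
    const PINPOINT_APP_ID = process.env.PINPOINT_APP_ID;

    // Wrapped in an async function so that await is valid;
    // number, message and origination_number are supplied by the caller.
    async function sendSms(number, message, origination_number) {
        const params = {
            ApplicationId: PINPOINT_APP_ID,
            MessageRequest: {
                Addresses: {
                    // The destination phone number is the map key
                    [number]: {
                        ChannelType: 'SMS'
                    }
                },
                MessageConfiguration: {
                    SMSMessage: {
                        Body: message,
                        OriginationNumber: origination_number,
                        SenderId: "senderId",
                        MessageType: process.env.SMS_MESSAGE_TYPE
                    }
                }
            }
        };
        // .promise() makes the request awaitable; with a callback argument,
        // sendMessages returns an AWS.Request and await would not wait for it.
        return PINPOINT.sendMessages(params).promise();
    }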

Region: us-west-2


Solution

  • There are no VPC interface endpoints for AWS Pinpoint, as shown in this AWS list. Therefore, you need to go through the internet to access the service.

    For your Lambda, you have to place it in a private subnet with a NAT gateway in a public subnet. Thanks to the NAT, your Lambda function will be able to access the Pinpoint service.

    The alternative would be to use a private API Gateway which integrates with another Lambda as a proxy. Not an ideal solution, but at the end of the day you have to go through the internet, one way or the other.
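
A check for the network layout the answer describes, as an added example that is not part of the original question or answer: it audits route tables and a security group (in the shape returned by EC2 DescribeRouteTables and DescribeSecurityGroups) for the NAT egress path a VPC-attached Lambda needs to reach Pinpoint over HTTPS. The function names and all resource IDs are constructed for illustration, and the egress check is simplified to recognise only rules open to 0.0.0.0/0.

```javascript
// Added example: audit constructed EC2 describe-* output for the egress path
// a VPC-attached Lambda needs to reach the public Pinpoint endpoint (HTTPS, TCP 443).
// Route table for a subnet: explicit association first, otherwise the VPC main table.
function routeTableFor(subnetId, routeTables) {
  return routeTables.find(rt => rt.Associations.some(a => a.SubnetId === subnetId))
      || routeTables.find(rt => rt.Associations.some(a => a.Main));
}

// Classify the subnet's default route as "nat", "igw" or "none".
function defaultRouteKind(subnetId, routeTables) {
  const rt = routeTableFor(subnetId, routeTables);
  const def = rt && rt.Routes.find(r => r.DestinationCidrBlock === "0.0.0.0/0");
  if (!def) return "none";
  if (def.NatGatewayId) return "nat";
  if (def.GatewayId && def.GatewayId.startsWith("igw-")) return "igw";
  return "none";
}

// True if an egress rule permits TCP 443 to 0.0.0.0/0 (simplified: narrower CIDRs are ignored).
function allowsHttpsEgress(securityGroup) {
  return securityGroup.IpPermissionsEgress.some(p => {
    const anyProto = p.IpProtocol === "-1";
    const portOk = anyProto || (p.IpProtocol === "tcp" && p.FromPort <= 443 && p.ToPort >= 443);
    return portOk && (p.IpRanges || []).some(r => r.CidrIp === "0.0.0.0/0");
  });
}

// Returns a list of findings; an empty list means the NAT path is in place.
function auditLambdaEgress(subnetIds, routeTables, securityGroup) {
  const findings = [];
  for (const id of subnetIds) {
    const kind = defaultRouteKind(id, routeTables);
    // Lambda network interfaces get no public IP, so an IGW route alone gives no internet access.
    if (kind === "igw") findings.push(`${id}: default route targets an internet gateway, not a NAT gateway`);
    if (kind === "none") findings.push(`${id}: no default route, so no path to the Pinpoint endpoint`);
  }
  if (!allowsHttpsEgress(securityGroup)) findings.push("security group: no egress rule for TCP 443");
  return findings;
}

// Constructed sample data (placeholder IDs, not taken from the original post).
const ROUTE_TABLES = [
  { Associations: [{ SubnetId: "subnet-private" }], Routes: [{ DestinationCidrBlock: "0.0.0.0/0", NatGatewayId: "nat-example" }] },
  { Associations: [{ SubnetId: "subnet-public" }], Routes: [{ DestinationCidrBlock: "0.0.0.0/0", GatewayId: "igw-example" }] },
  { Associations: [{ Main: true }], Routes: [{ DestinationCidrBlock: "10.0.0.0/16", GatewayId: "local" }] },
];
const SG_HTTPS = { IpPermissionsEgress: [{ IpProtocol: "tcp", FromPort: 443, ToPort: 443, IpRanges: [{ CidrIp: "0.0.0.0/0" }] }] };
const SG_NONE = { IpPermissionsEgress: [] };
console.log(auditLambdaEgress(["subnet-private", "subnet-public", "subnet-isolated"], ROUTE_TABLES, SG_NONE));
```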