This topic describes the preparations that you must make to enable Function Compute to access a database. Specifically, you must create a virtual private cloud (VPC) and a vSwitch, create a database instance, configure a whitelist, and create a security group.
Step 1: Create a VPC and a vSwitch
You must create a vSwitch in a zone that is supported by Function Compute. For more information about the supported zones, see Configure functions to access VPC resources. For more information about how to create a VPC and a vSwitch, see Create an IPv4 VPC network.
Step 2: Create a database instance
You must create a database instance in the same VPC as Function Compute. You do not need to create the vSwitch in the same zone as Function Compute. vSwitches in the same VPC can communicate with each other regardless of whether they are in the same zone. You can refer to the following topics to create the database instances that you want to access:
- Create an ApsaraDB RDS for MySQL instance
- Create an ApsaraDB for MongoDB instance that meets your business needs
- Create an ApsaraDB for Redis instance
- Create an ApsaraDB RDS for SQL Server instance
- Create an ApsaraDB RDS for PostgreSQL instance
Step 3: Configure a whitelist
Enter the Classless Inter-Domain Routing (CIDR) blocks of the specified VPCs in the IP Addresses field to configure an IP address whitelist for the database instance. You can log on to the VPC console and find the CIDR block of a VPC on the VPCs page. For more information, see Configure a whitelist for an ApsaraDB RDS for PostgreSQL instance.
Step 4: Create a security group
The security group must have outbound traffic allowed from the internal CIDR block and port of the database. For more information about how to create a security group, see Create a security group.