This topic describes the preparations that you must make to enable Function Compute to access a database. Specifically, you must create a virtual private cloud (VPC) and a vSwitch, create a database instance, configure a whitelist, and create a security group.

Step 1: Create a VPC and a vSwitch

You must create a vSwitch in a zone that is supported by Function Compute. For more information about the supported zones, see Configure functions to access VPC resources. For more information about how to create a VPC and a vSwitch, see Create an IPv4 VPC network.

Step 2: Create a database instance

You must create a database instance in the same VPC as Function Compute. You do not need to create the vSwitch in the same zone as Function Compute. vSwitches in the same VPC can communicate with each other regardless of whether they are in the same zone. You can refer to the following topics to create the database instances that you want to access:

Step 3: Configure a whitelist

Enter the Classless Inter-Domain Routing (CIDR) blocks of the specified VPCs in the IP Addresses field to configure an IP address whitelist for the database instance. You can log on to the VPC console and find the CIDR block of a VPC on the VPCs page. For more information, see Configure a whitelist for an ApsaraDB RDS for PostgreSQL instance.

Step 4: Create a security group

The security group must have outbound traffic allowed from the internal CIDR block and port of the database. For more information about how to create a security group, see Create a security group.