If you need to access a third-party service by using a function to obtain data or trigger other workflows, you must pass the access control check of the third-party service. When Function Compute executes a function, Function Compute dynamically allocates an instance to the function. Therefore, you cannot add the public IP address of the instance to the whitelist of the third-party service in advance. This topic describes how to build a proxy to assign a public IP address to a function.

Scenario

The following example shows how to assign a public IP address by using Function Compute:

  • Service A is a service in Function Compute. A specific function in Service A needs to access protected resources that are provided by Service B during execution.
  • Service B is a third-party service and uses a whitelist to authenticate visitors. You cannot add the IP address of the instance that executes the function to the whitelist of Service B in advance due to the randomness of the instance.

To implement the solution, perform the following steps:

  1. Build an NGINX proxy server for Service A to access Service B.
  2. Add the IP address of the proxy server to the whitelist of Service B. All the requests that pass through the proxy server and arrive at Service B are accepted, and the protected resources are returned to Service A.

Configuration procedure

  1. Write code for a function.
  2. Debug a function.
Note If the protected resources of the third-party service are stored in ApsaraDB RDS, you can access ApsaraDB RDS over a virtual private cloud (VPC). For more information, see Overview.