diff --git a/examples/aws-lambda-vpc/.gitignore b/examples/aws-lambda-vpc/.gitignore
new file mode 100644
index 000000000..cc54d25a1
--- /dev/null
+++ b/examples/aws-lambda-vpc/.gitignore
@@ -0,0 +1,3 @@
+
+# sst
+.sst
diff --git a/examples/aws-lambda-vpc/index.ts b/examples/aws-lambda-vpc/index.ts
new file mode 100644
index 000000000..4cb5e4819
--- /dev/null
+++ b/examples/aws-lambda-vpc/index.ts
@@ -0,0 +1,22 @@
+import { Resource } from "sst";
+import { Cluster } from "ioredis";
+
+const redis = new Cluster(
+  [{ host: Resource.MyRedis.host, port: Resource.MyRedis.port }],
+  {
+    dnsLookup: (address, callback) => callback(null, address),
+    redisOptions: {
+      tls: {},
+      username: Resource.MyRedis.username,
+      password: Resource.MyRedis.password,
+    },
+  }
+);
+
+export const handler = async () => {
+  const counter = await redis.incr("counter");
+  return {
+    statusCode: 200,
+    body: `Hit counter: ${counter}`
+  };
+};
diff --git a/examples/aws-lambda-vpc/package.json b/examples/aws-lambda-vpc/package.json
new file mode 100644
index 000000000..e93ffbfa7
--- /dev/null
+++ b/examples/aws-lambda-vpc/package.json
@@ -0,0 +1,19 @@
+{
+  "name": "aws-lambda-vpc",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "ioredis": "^5.4.1",
+    "sst": "3.1.68"
+  },
+  "devDependencies": {
+    "@types/aws-lambda": "8.10.145"
+  }
+}
diff --git a/examples/aws-lambda-vpc/sst-env.d.ts b/examples/aws-lambda-vpc/sst-env.d.ts
new file mode 100644
index 000000000..22ad0aad5
--- /dev/null
+++ b/examples/aws-lambda-vpc/sst-env.d.ts
@@ -0,0 +1,25 @@
+/* This file is auto-generated by SST. Do not edit. */
+/* tslint:disable */
+/* eslint-disable */
+import "sst"
+export {}
+declare module "sst" {
+  export interface Resource {
+    "MyFunction": {
+      "name": string
+      "type": "sst.aws.Function"
+      "url": string
+    }
+    "MyRedis": {
+      "host": string
+      "password": string
+      "port": number
+      "type": "sst.aws.Redis"
+      "username": string
+    }
+    "MyVpc": {
+      "bastion": string
+      "type": "sst.aws.Vpc"
+    }
+  }
+}
diff --git a/examples/aws-lambda-vpc/sst.config.ts b/examples/aws-lambda-vpc/sst.config.ts
new file mode 100644
index 000000000..6fef731bf
--- /dev/null
+++ b/examples/aws-lambda-vpc/sst.config.ts
@@ -0,0 +1,66 @@
+/// <reference path="./.sst/platform/config.d.ts" />
+
+/**
+ * ## AWS Lambda in a VPC
+ *
+ * You can use SST to locally work on Lambda functions that are in a VPC. To do so, you'll
+ * need to enable `bastion` and `nat` on the `Vpc` component.
+ *
+ * ```ts title="sst.config.ts"
+ * new sst.aws.Vpc("MyVpc", { bastion: true, nat: "managed" });
+ * ```
+ *
+ * The NAT gateway is necessary to allow your Lambda function to connect to the internet. While,
+ * the bastion host is necessary for your local machine to be able to tunnel to the VPC.
+ *
+ * You'll need to install the tunnel, if you haven't done this before.
+ *
+ * ```bash "sudo"
+ * sudo sst tunnel install
+ * ```
+ *
+ * This needs _sudo_ to create the network interface on your machine. You'll only need to do
+ * this once.
+ *
+ * Now you can run `sst dev`, your function can access resources in the VPC. For example, here
+ * we are connecting to a Redis cluster.
+ *
+ * ```ts title="index.ts"
+ * const redis = new Cluster(
+ *   [{ host: Resource.MyRedis.host, port: Resource.MyRedis.port }],
+ *   {
+ *     dnsLookup: (address, callback) => callback(null, address),
+ *     redisOptions: {
+ *       tls: {},
+ *       username: Resource.MyRedis.username,
+ *       password: Resource.MyRedis.password,
+ *     },
+ *   }
+ * );
+ * ```
+ *
+ * The Redis cluster is in the same VPC as the function.
+ */
+export default $config({
+  app(input) {
+    return {
+      name: "aws-lambda-vpc",
+      removal: input?.stage === "production" ? "retain" : "remove",
+      home: "aws",
+    };
+  },
+  async run() {
+    const vpc = new sst.aws.Vpc("MyVpc", { bastion: true, nat: "managed" });
+    const redis = new sst.aws.Redis("MyRedis", { vpc });
+    const api = new sst.aws.Function("MyFunction", {
+      vpc,
+      url: true,
+      link: [redis],
+      handler: "index.handler"
+    });
+
+    return {
+      url: api.url,
+    };
+  },
+});
diff --git a/examples/aws-lambda-vpc/tsconfig.json b/examples/aws-lambda-vpc/tsconfig.json
new file mode 100644
index 000000000..0967ef424
--- /dev/null
+++ b/examples/aws-lambda-vpc/tsconfig.json
@@ -0,0 +1 @@
+{}
diff --git a/www/src/content/docs/docs/examples.mdx b/www/src/content/docs/docs/examples.mdx
index 578a57390..602f26157 100644
--- a/www/src/content/docs/docs/examples.mdx
+++ b/www/src/content/docs/docs/examples.mdx
@@ -790,6 +790,64 @@ return {
 View the [full example](https://github.com/sst/ion/tree/dev/examples/aws-lambda-stream).
 
 
+---
+## AWS Lambda in a VPC
+
+You can use SST to locally work on Lambda functions that are in a VPC. To do so, you'll
+need to enable `bastion` and `nat` on the `Vpc` component.
+
+```ts title="sst.config.ts"
+new sst.aws.Vpc("MyVpc", { bastion: true, nat: "managed" });
+```
+
+The NAT gateway is necessary to allow your Lambda function to connect to the internet. While,
+the bastion host is necessary for your local machine to be able to tunnel to the VPC.
+
+You'll need to install the tunnel, if you haven't done this before.
+
+```bash "sudo"
+sudo sst tunnel install
+```
+
+This needs _sudo_ to create the network interface on your machine. You'll only need to do
+this once.
+
+Now you can run `sst dev`, your function can access resources in the VPC. For example, here
+we're connecting to a Redis cluster.
+
+```ts title="index.ts"
+const redis = new Cluster(
+  [{ host: Resource.MyRedis.host, port: Resource.MyRedis.port }],
+  {
+    dnsLookup: (address, callback) => callback(null, address),
+    redisOptions: {
+      tls: {},
+      username: Resource.MyRedis.username,
+      password: Resource.MyRedis.password,
+    },
+  }
+);
+```
+
+The Redis cluster is in the same VPC as the function.
+```ts title="sst.config.ts"
+const vpc = new sst.aws.Vpc("MyVpc", { bastion: true, nat: "managed" });
+const redis = new sst.aws.Redis("MyRedis", { vpc });
+const api = new sst.aws.Function("MyFunction", {
+  vpc,
+  url: true,
+  link: [redis],
+  handler: "index.handler"
+});
+
+return {
+  url: api.url,
+};
+```
+
+View the [full example](https://github.com/sst/ion/tree/dev/examples/aws-lambda-vpc).
+
+
 ---
 ## AWS multi-region
 
@@ -1624,6 +1682,22 @@ new sst.aws.StaticSite("Web", {
 View the [full example](https://github.com/sst/ion/tree/dev/examples/aws-vite).
 
 
+---
+## Cloudflare Cron
+
+This example creates a Cloudflare Worker that runs on a schedule.
+```ts title="sst.config.ts"
+const cron = new sst.cloudflare.Cron("Cron", {
+  job: "index.ts",
+  schedules: ["* * * * *"]
+});
+
+return {};
+```
+
+View the [full example](https://github.com/sst/ion/tree/dev/examples/cloudflare-cron).
+
+
 ---
 ## Cloudflare KV