DevOps Asked by mega6382 on August 22, 2021
So here is a scenario:
I have a route table that routes all traffic to the internet gateway, and I have a subnet associated with that route table, which makes it a public subnet. Now I create another route table and I route all its traffic to a Nat gateway that I created I created in the public subnet abovesubnet. Now I create another subnet in this private route table, and associate that with my ECS containers. So in effect, this is how the traffic is being routed:
But what is wrong with doing this:
Why doesn’t associating it with the internet gateway directly work? The first one seems like the same thing but with extra steps. I would really like to know why exactly that is necessary, and what happens "under the hood" in both cases, and what causes the second way to not work.
While this is completely possible, it would mean that your instance would be accessible from the internet. Public subnet means that your instances are accessible directly from the outside. Private subnet are not accessible from the outside as instances do not have a publicly routable IP.
In short, security
Correct answer by Kaymaz on August 22, 2021
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP