How can Ec2 Instance in private subnet access internet via vpc endpoint?

0

I connected to ec2 intance in private subnet via Bastion Host.Then I created a vpc gateway endpoint to reach s3. I assigned the required role to ec2 and the connection to s3 is done. My question is, how can Ec2 instance in private subnet dowload something from the internet?

質問済み 2年前1383ビュー
2回答
1
承認された回答

Hi, regarding your comment "Ec2 instance in private subnet was able to install some programs while I had vpcendpoint, even though it was not nat gateway", was this Amazon Linux, and were the packages you installed part of the Linux distribution or third-party? Amazon Linux is hosted in S3 so you don't need outbound internet access to update or install stuff from there, just S3 access as you've found. See https://aws.amazon.com/premiumsupport/knowledge-center/ec2-al1-al2-update-yum-without-internet/.

エキスパート
回答済み 2年前
profile picture
エキスパート
レビュー済み 5ヶ月前
profile picture
エキスパート
レビュー済み 1年前
  • yum update, yum install git... When I used these commands, it performed the download process, but it cannot ping. I guess, as you said, these are the packages belonging to the Linux distribution.

0

Check out this document about setting up a NAT Gateway.

Instances in a private subnet do not have public IP addresses so they need a either a NAT Gateway or NAT instance to securely connect to the internet. VPC Endpoints are a way for you to securely connect to AWS Services, here's a list of currently supported services. Essentially it allows you to connect your EC2 to S3 (among other services) without traversing the public internet. They aren't used for giving EC2 instances public internet access. That's where a NAT Gateway or Instance comes into play.

AWS
AWSJoe
回答済み 2年前
profile picture
エキスパート
レビュー済み 6ヶ月前
  • I know what you say, that's why I asked this question. Today, a Ec2 instance in private subnet was able to install some programs while I had vpcendpoint, even though it was not nat gateway.

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ