For private subnets, access to the public Internet requires a NAT gateway or NAT instance.
Other outbound traffic (e.g., communications within a VPC) can communicate without a NAT gateway.
Access to AWS services (e.g. S3) requires a VPC endpoint or NAT gateway.
You can use a NAT instance; see the difference between the two solutions:
NAT Gateway Vs NAT Instance:
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-comparison.html
You can also deploy a Squid proxy for outgoing internet access control.
It depends on what you mean by "outbound". Previous answers have covered IPv4 traffic going directly from your subnet to the general internet or to AWS services. Also, IPv6 traffic may use an egress-only IPv6 gateway to reach the internet from a private subnet. And outbound traffic could go via Direct Connect or site-to-site VPN to go through an on-prem proxy on the way to the internet or just to reach on-prem servers.
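The outbound paths named in the answers above can be read off a subnet's route table. The following is an added example, not part of any answer: it classifies each route by target type, assuming the route dictionaries follow the EC2 DescribeRouteTables response shape. All IDs and CIDRs are constructed, and the function names are hypothetical.

```python
# Added example; route dicts mirror DescribeRouteTables, every ID is constructed.

def classify_route(route):
    """Label the outbound path one route provides; None if the route is dead."""
    if route.get("State") == "blackhole":
        return None  # target no longer exists, traffic is dropped
    gw = route.get("GatewayId", "")
    if gw == "local":
        return "vpc-local"
    if gw.startswith("igw-"):
        return "internet-gateway"  # a subnet with this route is public
    if gw.startswith("vpce-"):
        return "gateway-vpc-endpoint"
    if gw.startswith("vgw-"):
        return "vpn-or-direct-connect"
    if route.get("NatGatewayId"):
        return "nat-gateway"
    if route.get("EgressOnlyInternetGatewayId"):
        return "egress-only-ipv6"
    if route.get("InstanceId") or route.get("NetworkInterfaceId"):
        return "nat-instance-or-proxy"
    return "other"

def destination(route):
    return (route.get("DestinationCidrBlock")
            or route.get("DestinationIpv6CidrBlock")
            or route.get("DestinationPrefixListId"))

def egress_paths(route_table):
    """Map each outbound path type to the destinations routed through it."""
    paths = {}
    for route in route_table["Routes"]:
        label = classify_route(route)
        if label:
            paths.setdefault(label, []).append(destination(route))
    return paths

def is_private(route_table):
    """True when no live route points at an internet gateway."""
    return "internet-gateway" not in egress_paths(route_table)

SAMPLE = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"},
    {"DestinationIpv6CidrBlock": "::/0", "EgressOnlyInternetGatewayId": "eigw-0example", "State": "active"},
    {"DestinationPrefixListId": "pl-0example", "GatewayId": "vpce-0example", "State": "active"},
    {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "vgw-0example", "State": "active"},
    {"DestinationCidrBlock": "172.16.0.0/12", "InstanceId": "i-0example", "State": "blackhole"},
]}
```

Only gateway VPC endpoints appear as routes; interface endpoints are reached through network interfaces inside the subnet, so they will not show up in this output.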