If you want to limit a Lightsail instance to be accessible by EC2 instances in your account, you can follow this document to set up VPC peering between your Lightsail VPC and an Amazon VPC: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/lightsail-how-to-set-up-vpc-peering-with-aws-resources
Then you can modify the Lightsail instance firewall rule to only allow traffic within the VPC. This is the doc for reference: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/understanding-firewall-and-port-mappings-in-amazon-lightsail
By doing this, you can keep your Lightsail instance private and only accessible within the VPC.
It looks like you have a VPC with a private hosted zone (with an A record pointing to the Lightsail IP address). You would like to access the Lightsail instance from EC2.
For access between EC2 and the Lightsail instance, you don't need a NAT or IGW. You can simply set up VPC peering between your VPC and the Lightsail VPC. https://lightsail.aws.amazon.com/ls/docs/en_us/articles/lightsail-how-to-set-up-vpc-peering-with-aws-resources
Ensure the Lightsail firewall rule allows traffic from the EC2 instance's private IP, and that the EC2 instance's security groups and network ACL allow outbound traffic to the Lightsail instance's IP. Since network ACLs are stateful, it should allow inbound access from the Lightsail instance's IP.
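
Added example, not part of the answers above: a small Python check that reads firewall state in the shape returned by `aws lightsail get-instance-port-states` and lists every open rule that still admits sources outside the peered VPC. The sample JSON is constructed, and `172.31.0.0/16` is an assumed CIDR for the peered VPC; substitute your own.

```python
import ipaddress
import json

# Constructed sample in the shape returned by
# `aws lightsail get-instance-port-states` (values are made up).
SAMPLE_PORT_STATES = json.loads("""
{"portStates": [
  {"fromPort": 22, "toPort": 22, "protocol": "tcp", "state": "open",
   "cidrs": ["0.0.0.0/0"], "ipv6Cidrs": ["::/0"],
   "cidrListAliases": ["lightsail-connect"]},
  {"fromPort": 443, "toPort": 443, "protocol": "tcp", "state": "open",
   "cidrs": ["172.31.0.0/16"], "ipv6Cidrs": [], "cidrListAliases": []},
  {"fromPort": 3306, "toPort": 3306, "protocol": "tcp", "state": "open",
   "cidrs": ["172.31.5.10/32", "203.0.113.0/24"], "ipv6Cidrs": [],
   "cidrListAliases": []}
]}
""")


def rules_open_beyond_vpc(port_states, vpc_cidr):
    """Return (port_range, protocol, offending_sources) for every open rule
    that admits a source outside vpc_cidr (the assumed peered VPC range)."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings = []
    for rule in port_states.get("portStates", []):
        if rule.get("state") != "open":
            continue
        offending = []
        for cidr in rule.get("cidrs", []) + rule.get("ipv6Cidrs", []):
            net = ipaddress.ip_network(cidr, strict=False)
            # subnet_of() raises TypeError across IP versions, so check version first
            if net.version != vpc.version or not net.subnet_of(vpc):
                offending.append(cidr)
        # Aliases such as "lightsail-connect" expand to AWS-managed ranges
        # that are outside the VPC, so they are reported as well.
        offending += ["alias:" + a for a in rule.get("cidrListAliases", [])]
        if offending:
            ports = (rule["fromPort"], rule["toPort"])
            findings.append((ports, rule["protocol"], offending))
    return findings


if __name__ == "__main__":
    for ports, proto, sources in rules_open_beyond_vpc(SAMPLE_PORT_STATES, "172.31.0.0/16"):
        print(f"{proto} {ports[0]}-{ports[1]} reachable from outside the VPC: {sources}")
```

An empty result means every open rule is limited to sources inside the given VPC range.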