How to create a no-internet access (private) subnet?

0

Points of My Scenario:

  1. I tried to create 3 private subnets (subnets without an internet gateway) so that EC2 instances would be unable to access the Internet
  2. I used the procedure in AWS document https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html
  3. Upon completion, I checked the route table for each subnet...
  4. Alas! Each one had destination 0.0.0.0/0 associated with the default igw-<GUID>: just like the other system-generated subnets.

Question: why is this happening and how can I create truly private subnets?

Asked 1 year ago, 666 views
1 Answer
4
Accepted answer

In your VPC there is a default route table. The instructions on that page don't mention it, but if you don't assign a specific route table to a subnet, the default is used. In your case, the default route table has a route to the Internet Gateway.

To fix this, create a new route table in your VPC and assign it to the private subnets.

AWS Expert, answered 1 year ago
Expert, reviewed 15 hours ago
AWS Expert, reviewed 1 year ago
  • OMG! That's it! That works! A bundle of thanks, Brettski-AWS!
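The gotcha in the accepted answer (a subnet with no explicit association silently inherits the VPC's main route table) is easy to check for. The following audit is an added example, not code from the question or the answer; it works on dictionaries shaped like the `RouteTables` list returned by boto3's `ec2.describe_route_tables()`, and the route tables and subnet IDs below are constructed sample data, not from a real account.

```python
"""Resolve the effective route table per subnet and flag Internet-reachable ones.

Input mirrors EC2 DescribeRouteTables output: each table has "Routes" and
"Associations"; the association with Main=True marks the VPC's main table.
"""


def effective_route_table(subnet_id, route_tables):
    """Explicitly associated table if one exists, otherwise the main table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main  # None only if the VPC data has no main table at all


def has_igw_default_route(route_table):
    """True if 0.0.0.0/0 is routed to an internet gateway (igw-*)."""
    for route in route_table.get("Routes", []):
        if (route.get("DestinationCidrBlock") == "0.0.0.0/0"
                and route.get("GatewayId", "").startswith("igw-")):
            return True
    return False


def audit(subnet_ids, route_tables):
    """Map subnet id -> (effective route table id, internet_reachable)."""
    result = {}
    for sid in subnet_ids:
        rt = effective_route_table(sid, route_tables)
        if rt is not None:
            result[sid] = (rt["RouteTableId"], has_igw_default_route(rt))
    return result


# Constructed sample: the main table carries an IGW default route (the
# situation in the question); a custom table has only the local route.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main0001",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-aaaa1111"}],
     "Associations": [{"Main": True, "RouteTableId": "rtb-main0001"}]},
    {"RouteTableId": "rtb-private01",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
     "Associations": [{"Main": False, "SubnetId": "subnet-priv-a",
                       "RouteTableId": "rtb-private01"}]},
]
SUBNETS = ["subnet-priv-a", "subnet-priv-b", "subnet-priv-c"]

if __name__ == "__main__":
    for sid, (rtb, exposed) in audit(SUBNETS, ROUTE_TABLES).items():
        print(f"{sid}: {rtb} -> {'INTERNET-REACHABLE' if exposed else 'private'}")
```

Only subnet-priv-a, which has an explicit association to the custom table, comes out private; the other two fall back to the main table and are flagged, which is exactly what the question observed.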
