All Questions
Tagged with amazon-vpc amazon-web-services
568
questions
0
votes
1
answer
32
views
How to limit AWS VPC endpoint to to signed requests
We had a scan done recently of our AWS infrastructure, and one of the high risk level items that we need to address is to
Identify any fully accessible VPC endpoints and update their access policy in ...
1
vote
2
answers
267
views
Subnet associations in AWS Route tables
What is this "Subnet Associations" in AWS Route tables? Do I have to add the subnets under "Explicit Subnet Associations" as well?
It is already under "Subnets without ...
0
votes
1
answer
68
views
What actually makes an EC2 instance in a private subnet unreachable from the internet?
I'm reading everywhere (including the official documentation) that an EC2 instance in a private subnet cannot be reached from the internet, even if it has a public IP.
Let's say I have a 10.0.0.0/16 ...
1
vote
1
answer
330
views
Remove public IPv4 from AWS EC2 instances
Since February 1, 2024, AWS started charging for public IPv4 and I have several EC2 instances.
Some instances I can having only public IPv6, for others I need to keep public IPv4. I disabled Elastic ...
1
vote
1
answer
399
views
Migrate AWS ECS cluster IPV4 to IPV6
I'm trying to avoid this new cost (public IPv4) in aws for small projects because it will represent a big percentage of the cost.
In my ECS cluster, I use EC2 instances as capacity providers, ...
0
votes
0
answers
14
views
AWS VPC Connect Endpoint and Workbrench integration
I have some RDS instances under a private subnet and a bastion host (ec2 instance) with a public IP to connect to it. As part of getting a security certification we need to get rid of all ec2 ...
0
votes
0
answers
80
views
Prioritize S2S VPN on AWS when using 1 VGW
We have the following AWS setup:
1 VPC
1 Virtual Private Gateway (VGW)
8 Customer Gateways (CGWs)
8 Site-to-Site (S2S) VPN connections
We have 4 sites, each connected to our VPC with 2 S2S VPN ...
0
votes
1
answer
169
views
Allow AWS Identity provider to access a private VPC where the OIDC Idp resides
We want to implement Gitlab-AWS short-lived credentials but our Gitlab instance is located inside a private, non internet accessible VPC Subnet.
I have looked into VPC Endpoints but I cannot find the ...
0
votes
1
answer
284
views
how to block outgoing traffic in ec2 without blocking ssh
I have an EC2 with has public subnet and traffic is flowing through internet gateway.
Now, i have an requirement like I have to block all outgoing traffic in EC2.
I have tried to restrict the traffic ...
0
votes
1
answer
110
views
Spoke VPC over VPN to IGW
Is it possible to modify this solution so a spoke VPC connects to the TGW hub over VPN, and that spoke VPC's internet access is centralized full tunnel?
https://aws.amazon.com/blogs/networking-and-...
0
votes
2
answers
187
views
AWS CIDR Address is not within CIDR Address from VPC
In AWS have created VPC which CIDR is 10.0.0.24.I want to creates its two subnet.its public-subnet is in us-west-1a - IPv4 CIDR 10.0.0.0/24 thenwhen I create private subnet is in us-west-1b - ...
0
votes
0
answers
352
views
How to remove headers from all outgoing requests in AWS services (e.g. Lambda)
Just wondering, is there a way to remove a header from all outgoing network requests in AWS?
I have a VPC with public and private subnets and a NAT gateway in the public subnet. A Lambda in this VPC ...
0
votes
2
answers
248
views
Unable to access apache2 from outside
I'm hosting a default site for apache2 server on AWS EC2 (Ubuntu) with Elastic IP.
Security group set to open all inbound (testing purposed).
I can access the server via SSH using public IP but I can'...
0
votes
0
answers
161
views
AWS - I want to route traffic from one VPC to another, but I want all traffic INTO that VPC to share an IP
Due to a very complicated situation that I can't really get into, we have a VPC that has access to a certain server via a direct connection.
This server requires that we whitelist an IP to access it. ...
0
votes
0
answers
119
views
Can we setup VPC for AWS Lightsail resources?
I am developing an app and to host backend system I am using AWS Lightsail. Is there a way to keep all the inter service communication private?
I am aware this can be achieved with VPC while using AWS ...