Questions tagged [amazon-vpc]
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define.
756 questions
0 votes, 1 answer, 639 views
Seamless switch from NAT GATEWAY to VPC gateway
My team is currently burdened by the NAT Gateway costs and we would like to switch over to VPC Gateway endpoint to reduce the costs associated with all the EC2-S3 communication. At the same time, we ...
-1 votes, 1 answer, 137 views
Can I connect two VPCs with one site-to-site VPN in the same region?
I currently have one site-to-site VPN connected to one VPC. I want to add a VPC here (it's the same region), but I want to connect the on-premise network connected through site-to-site VPN through site ...
1 vote, 0 answers, 182 views
Which ECS task network mode?
I have an Application Load Balancer in a private subnet (used by API Gateway) that targets an ECS task. I want that task to only be accessible from inside the VPC, not from the internet, but I do have ...
2 votes, 2 answers, 2k views
AWS security group cross regions
I am trying to set a security group A to allow SSH access from security group B in a different region. I don't have much experience with networking in general and AWS networking.
Followed the ...
3 votes, 1 answer, 7k views
Why does an S3 to S3 copy care about VPCs? Related to error: "VPC endpoints do not support cross-region requests."
Goal: Get files
from Bucket 1 in ca-central-1 in Account A
to Bucket 2 in us-east-1 in Account B
using the AWS CLI from a third machine using an IAM role with correct S3 read and write ...
1 vote, 0 answers, 184 views
Linux instance vs Windows instance - different behaviour in an AWS private subnet routing traffic through a NAT
I'm experimenting with a NAT gateway vs a Squid proxy in an EC2 instance (both of these placed in the same public subnet). To test connectivity, I'm using a private subnet to access the internet (once ...
0 votes, 0 answers, 1k views
Can't ping or traceroute through EC2 using AWS Site-to-Site VPN to Cisco ASA
My VPC is connected to Cisco ASA, tunnel is shown to be UP in the AWS console.
What is working:
The engineer on the Cisco side has successfully pinged my EC2 instance within my private 10.5.0.0/17 ...
1 vote, 1 answer, 155 views
Is it necessary to put public and private subnets in different VPCs for extra safety?
Currently we put publicly accessible resources like ALB inside public subnet, application servers and data storages inside private subnet (different data storage, say RDS and Elasticache, have their own ...
0 votes, 1 answer, 95 views
Move an Elastic IP from a VPC to Classic EC2
I know it is possible to "Move to VPC Scope", but is it also possible to move back from VPC to Classic EC2?
0 votes, 1 answer, 535 views
Creating Subnet IP address : IPv4 block sizes must be between a /16 netmask and /28 netmask
I'm new to AWS and I'm looking to create a subnet. Whenever I try the defaults subnets under I get either the error message "IPv4 block sizes must be between a /16 netmask and /28 netmask." ...
1 vote, 1 answer, 1k views
AWS PrivateLink connection with HTTPS
I have two VPCs, a consumer VPC and a service VPC. Consumer application HAS to access the service via AWS PrivateLink and it HAS to be an HTTPS call. Here is my current setup, which works:
Note that ...
0 votes, 0 answers, 86 views
AWS: Classic RDS to VPC resulted in high CPU
We are running a single 5.7 MySQL database for a couple of years using the Amazon AWS RDS service. 3 days ago we moved our server from a Classic RDS into a VPC (no other action was done). The load on our ...
0 votes, 1 answer, 375 views
NAT Gateway breaks incoming traffic for instances in public subnet
I have Elastic Beanstalk instances accessible through an ALB in public subnets and want to assign them a single IP address (A partner asked us for an IP to whitelist to access their services)
I have ...
0 votes, 1 answer, 263 views
How do I deploy a docker container on AWS Elastic Beanstalk privately such that only other AWS resources can access it?
Need to make an AWS deployment decision. A lot of this tech (docker, beanstalk) is pretty new so I don't know best practices (and I'm also foggier than I'd like to be on networking and security).
Tech ...
1 vote, 1 answer, 1k views
Fargate task from service with Public IP disabled can't download env file from S3
We have a Fargate service that should be exposed to the internet via a load balancer, and since for tests we had used so far the random Public IP of the task, we decided to disable the Public IP, so ...