Questions tagged [amazon-vpc]
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define
756
questions
0
votes
1
answer
2k
views
How to create EKS cluster with VPC CNI addon via CloudFormation?
I create a EKS cluster (1.24) via cloudformation, it works fine without a CNI plugin but fails when I add vpc-cni addon:
AddonCNI:
Type: 'AWS::EKS::Addon'
Properties:
AddonName: vpc-...
0
votes
1
answer
32
views
How to limit AWS VPC endpoint to to signed requests
We had a scan done recently of our AWS infrastructure, and one of the high risk level items that we need to address is to
Identify any fully accessible VPC endpoints and update their access policy in ...
1
vote
2
answers
267
views
Subnet associations in AWS Route tables
What is this "Subnet Associations" in AWS Route tables? Do I have to add the subnets under "Explicit Subnet Associations" as well?
It is already under "Subnets without ...
0
votes
1
answer
68
views
What actually makes an EC2 instance in a private subnet unreachable from the internet?
I'm reading everywhere (including the official documentation) that an EC2 instance in a private subnet cannot be reached from the internet, even if it has a public IP.
Let's say I have a 10.0.0.0/16 ...
1
vote
1
answer
330
views
Remove public IPv4 from AWS EC2 instances
Since February 1, 2024, AWS started charging for public IPv4 and I have several EC2 instances.
Some instances I can having only public IPv6, for others I need to keep public IPv4. I disabled Elastic ...
68
votes
5
answers
116k
views
What is the difference between a public and private subnet in a Amazon VPC?
When I launch a server with a security group that allows all traffic into my private subnet, it displays a warning that it may be open to the world.
If it is a private subnet, how can that be?
1
vote
3
answers
11k
views
EC2 unable to ping google.com
We created new VPC that has four subnets, two private and two public.
Private and public will be Mumbai A Mumbai B region.
When I ping google.com from public Mumbai A it is not working. When I ping ...
0
votes
1
answer
55
views
"Property CidrBlock or Ipv4IpamPoolId cannot be empty" when trying to create an IPv6-only VPC Subnet
When trying to create an IPv6-only VPC Subnet, using AWS CloudFormation, stack creation fails with the following message:
CREATE_FAILED
Resource handler returned message: "Invalid request ...
1
vote
1
answer
399
views
Migrate AWS ECS cluster IPV4 to IPV6
I'm trying to avoid this new cost (public IPv4) in aws for small projects because it will represent a big percentage of the cost.
In my ECS cluster, I use EC2 instances as capacity providers, ...
0
votes
1
answer
169
views
Allow AWS Identity provider to access a private VPC where the OIDC Idp resides
We want to implement Gitlab-AWS short-lived credentials but our Gitlab instance is located inside a private, non internet accessible VPC Subnet.
I have looked into VPC Endpoints but I cannot find the ...
3
votes
4
answers
13k
views
AWS VPN Client connection to new VPC Endpoint is failing
I have set up a new VPN following the guide here. However when I try to connect to the VPN with the client i get an error "Connection failed. Try again." This happens every time. I opened the log file ...
0
votes
0
answers
14
views
AWS VPC Connect Endpoint and Workbrench integration
I have some RDS instances under a private subnet and a bastion host (ec2 instance) with a public IP to connect to it. As part of getting a security certification we need to get rid of all ec2 ...
0
votes
0
answers
80
views
Prioritize S2S VPN on AWS when using 1 VGW
We have the following AWS setup:
1 VPC
1 Virtual Private Gateway (VGW)
8 Customer Gateways (CGWs)
8 Site-to-Site (S2S) VPN connections
We have 4 sites, each connected to our VPC with 2 S2S VPN ...
25
votes
2
answers
27k
views
In AWS, how to check which resources are using VPC IP addresses
According to Amazon and my test, a /24 VPC subnet allows for 251 available IP addresses. I have 2 other subnets in that VPC that appear to have no IP's in use by EC2 and the available IPs field ...
0
votes
1
answer
284
views
how to block outgoing traffic in ec2 without blocking ssh
I have an EC2 with has public subnet and traffic is flowing through internet gateway.
Now, i have an requirement like I have to block all outgoing traffic in EC2.
I have tried to restrict the traffic ...