Public and Private Subnets
- A public subnet is associated with a route table that has a route to an internet gateway
- A private subnet is associated with a route table that has no route to an internet gateway
- Subnets use the default (main) route table if there is no explicit association
- Let's create a VPC with 3 subnets:
  - public subnet
  - private subnet
  - default (routes through the default route table)



- Now let's create an internet gateway and attach it to the VPC

- Create a route table with a route to the internet gateway (public rt)


- Create a route table without a route to the internet gateway (private rt)

- Let's create an EC2 instance in the public subnet (we have not associated the public subnet with the public route table yet)

- Now let's try SSH connectivity using the public IP

- Let's associate the public subnet with the public rt




- Let's try to reconnect

- Now let's try to connect to the internet from the public EC2 instance

- Let's create one EC2 instance in the private subnet, which is explicitly associated with the private route table


- Now try connecting to the instance in the private subnet using its public IP


- For all internal communication within the VPC, use private IPs, not public IPs.
- Let's try to connect to the internet from the private EC2 instance

- Private subnets cannot be reached from the internet and cannot connect to it
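
The association rule used in this walkthrough, as an added example that is not part of the original notes: a Python check that takes route-table data in the shape returned by EC2 DescribeRouteTables for one VPC and reports which route table each subnet actually uses and whether that table has an internet gateway route. All subnet, route table and gateway IDs are constructed placeholders; in the sample data the public subnet counts as private until it is associated with the public rt.

```python
# Added example. All resource IDs are constructed sample values.

def has_igw_route(route_table):
    """True if an active route in this table targets an internet gateway."""
    return any(
        r.get("GatewayId", "").startswith("igw-")
        and r.get("State", "active") == "active"  # a detached IGW leaves "blackhole"
        for r in route_table["Routes"]
    )

def classify_subnets(subnet_ids, route_tables):
    """Return {subnet_id: (route_table_id, 'explicit'|'default', 'public'|'private')}."""
    explicit, main_rt = {}, None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main_rt = rt              # the VPC's default (main) route table
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt
    if main_rt is None:
        raise ValueError("no main route table in input; pass all tables of the VPC")
    result = {}
    for sid in subnet_ids:
        rt = explicit.get(sid, main_rt)   # no explicit association -> main table
        how = "explicit" if sid in explicit else "default"
        kind = "public" if has_igw_route(rt) else "private"
        result[sid] = (rt["RouteTableId"], how, kind)
    return result

LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
IGW = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}

def sample_tables(public_associated):
    """Constructed state of the walkthrough, before/after associating the public subnet."""
    pub_assoc = [{"Main": False, "SubnetId": "subnet-public"}] if public_associated else []
    return [
        {"RouteTableId": "rtb-main", "Routes": [LOCAL], "Associations": [{"Main": True}]},
        {"RouteTableId": "rtb-public", "Routes": [LOCAL, IGW], "Associations": pub_assoc},
        {"RouteTableId": "rtb-private", "Routes": [LOCAL],
         "Associations": [{"Main": False, "SubnetId": "subnet-private"}]},
    ]

SUBNETS = ["subnet-public", "subnet-private", "subnet-default"]

if __name__ == "__main__":
    for state in (False, True):
        print("public subnet associated:", state)
        for sid, info in classify_subnets(SUBNETS, sample_tables(state)).items():
            print("  ", sid, info)
```

Run against real data, the same function flags any subnet that is public only because the main route table carries an internet gateway route, which is easy to miss when no explicit association exists.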
