Reputation: 11
I am trying to understand why AWS allows associating an EIP with an instance in a private subnet. How can I make use of this EIP? Is there any possibility to access the instance using this EIP without an IGW in the private subnet?
Upvotes: 1
Views: 919
Reputation: 35188
Remember that the concept of a public vs. private subnet comes down simply to the routing configuration within the route table, which is then applied to any subnets that are bound via a subnet association.
The EC2 service only cares that the instance itself is located in a particular subnet, not what the routing configuration is. This is by design; of course it could be designed to perform lookups, but from the AWS service perspective these additional lookups would be required during validation.
No one can know for certain why the decision was made to omit this validation, but it will likely be due to the performance of that lookup for any new ENI resources being created, which I imagine would generate a large overhead.
For your second question, it cannot use the EIP without an internet gateway. A NAT will perform only one-way address translation, and the egress-only gateway operates over IPv6.
Upvotes: 2
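An added example, not part of the answer above, that turns its reasoning into an audit: a subnet is "public" only if its route table (explicit association, or the VPC main table as the fallback) has a default route to an `igw-*` gateway, so any EIP attached to an ENI in another subnet is stranded. The records are constructed to mimic the shape of boto3 `describe_route_tables`, `describe_network_interfaces` and `describe_addresses` responses; no AWS calls are made.

```python
"""Flag Elastic IPs attached to ENIs in subnets with no default route via an IGW.
All records below are constructed samples, not real AWS output."""

ROUTE_TABLES = [  # constructed: one explicit public table, one main (private) table
    {"RouteTableId": "rtb-pub", "Associations": [{"SubnetId": "subnet-pub", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc"}]},
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0def"}]},
]
SUBNETS = ["subnet-pub", "subnet-priv"]  # subnet-priv has no explicit association
NETWORK_INTERFACES = [  # constructed ENI -> subnet mapping
    {"NetworkInterfaceId": "eni-1", "SubnetId": "subnet-pub"},
    {"NetworkInterfaceId": "eni-2", "SubnetId": "subnet-priv"},
]
ADDRESSES = [  # constructed EIP allocations; the last one is unassociated
    {"PublicIp": "198.51.100.10", "NetworkInterfaceId": "eni-1"},
    {"PublicIp": "198.51.100.11", "NetworkInterfaceId": "eni-2"},
    {"PublicIp": "198.51.100.12"},
]


def has_igw_default_route(table):
    """True if 0.0.0.0/0 (or ::/0) is routed to an internet gateway (igw-*)."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               or r.get("DestinationIpv6CidrBlock") == "::/0"
               for r in table["Routes"]
               if str(r.get("GatewayId", "")).startswith("igw-"))


def classify_subnets(subnets, route_tables):
    """Map subnet ID -> True (public) / False (private). Subnets without an
    explicit association use the VPC main route table, as AWS does."""
    main = next(t for t in route_tables if any(a.get("Main") for a in t["Associations"]))
    explicit = {a["SubnetId"]: t for t in route_tables
                for a in t["Associations"] if a.get("SubnetId")}
    return {s: has_igw_default_route(explicit.get(s, main)) for s in subnets}


def stranded_eips(addresses, network_interfaces, subnet_is_public):
    """EIPs whose ENI sits in a subnet with no IGW route: associated, but unreachable
    from the internet. Unknown ENIs/subnets are treated as private (flagged)."""
    eni_subnet = {n["NetworkInterfaceId"]: n["SubnetId"] for n in network_interfaces}
    return sorted(a["PublicIp"] for a in addresses if "NetworkInterfaceId" in a
                  and not subnet_is_public.get(eni_subnet.get(a["NetworkInterfaceId"]), False))


if __name__ == "__main__":
    public = classify_subnets(SUBNETS, ROUTE_TABLES)
    print(stranded_eips(ADDRESSES, NETWORK_INTERFACES, public))  # ['198.51.100.11']
```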