0

My AWS EC2 instance's public DNS has the public IP address in it separated by -. For example: ec2-x-xx-xxx-xxx.ca-pacific-x.xxx.amazonaws.com.

Now, my question is when I give my users this DNS, is it safe knowing they have access to my public IP address? If it's safe, should I just share public IP address then?

Sid
  • 21
  • 4

1 Answers1

1

Translating a hostname to an IP address is a single call to DNS even if it’s not included in the hostname like here. If you want people to use your service they (or their computers) will eventually use the IP, you can’t hide it and there is no point trying to hide it.

However two issues with giving your users this hostname or the IP directly:

  1. The IP will change when you stop and start the instance. Hence you’ll have to update your users with the new one. Look up Elastic IP to overcome this problem.

  2. You can’t easily get a valid SSL certificate for this hostname or for an IP address. It’s better to use your own domain.

Hope that helps :)

MLu
  • 24,849
  • 5
  • 59
  • 86
  • Thank you, so elastic IP and our own domain is the way to go! I won't have to stop and start the instance. Perhaps, I can continue to use the current public IP but link it with our domain. My concern was related to security issues arising (if any) by giving them public ip. – Sid Jan 26 '21 at 06:14
  • @Sid You *will* stop/start it one day, even if by mistake. Or AWS may force you to if the underlying host experiences issues. Attach the *Elastic IP* now, before you start using the server, it's free when the instance is running. – MLu Jan 26 '21 at 06:17
  • Thank you I am now using an elastic IP for my instance. Should I share the elastic IP or the DNS? – Sid Jan 26 '21 at 07:25
  • @Sid if you have own domain use it. AWS Route53 is your friend. – MLu Jan 26 '21 at 07:47
  • @Sid you can use Route53 Hosted Zone for your instance and then you don't need to share your elastic IP with anyone. – asmath Jan 29 '21 at 05:20