-1

The link explains that I need to use a NAT Gateway for the public subnet to make it possible to access the internet and for the Lambda function to access the RDS instance. First, does it really have to be a NAT Gateway? Can't I use an Internet Gateway instead for that purpose?

Second, I have two Route Tables: one named PublicNetwork that has two subnets and whose route has one Internet Gateway, and a second Route Table that has only one subnet called PrivateNetwork.

When I had only one Route Table with all 3 subnets, I could access the RDS (db) instance with Microsoft SQL Server Management (security group with inbound rules of type MS SQL and source my IP address). Now, with the changes, I can't access it anymore.

My database in RDS has, in its Subnet group, my default-vpc, which has the 3 subnets. Is it necessary to create another VPC and transfer the private subnet to it to be able to access my database again?

H.C

1 Answer

1
  • All subnets in a VPC can communicate with each other
  • An Internet Gateway connects the VPC to the Internet
  • Any subnet that has a Route Table pointing 0.0.0.0/0 to the Internet Gateway is called a Public Subnet (because it can directly communicate with the Internet)
  • Any subnet that does not have such a Route table entry is called a Private Subnet
  • If a resource in a private subnet needs to communicate with the Internet, it must send the network traffic via a NAT Gateway in the Public Subnet. The NAT Gateway will forward the traffic to the Internet, then return any response that is received.

If you are having difficulty connecting to resources within the same VPC, then the Security Group is the most likely cause of the problem.

John Rotenstein