1

Im quite new to AWS. I have a CMS that I hosted on a EC2 inside a private subnet. I can make the EC2 access internet (EC2 TO Internet) thanks to a NAT and Internet Gateway. My question is how am I supposed to give access to users who are going to manage the content into this CMS from the internet (So how can I access EC2 FROM Internet ?)

Thanks in advance.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
Lina
  • 45
  • 1
  • 7
  • 1
    Either place a Load Balancer in front of it in the public subnet, set up a VPN or some other form of private connectivity like direct connect. You can also expose the port via EC2 instance connect. – Maurice May 27 '21 at 14:08
  • I want it to be reachable from internet without using a VPN. Is there any way to do that ? Also thank you for answering =) – Lina May 27 '21 at 14:10
  • Well then you have the option to place a Load Balancer in front of it or move the instance to a public subnet and thereby exposing it directly to the internet. – Maurice May 27 '21 at 14:16
  • So If I place a load balancer in front of it it's possible (cuz it's seems weird to have a load balancer in front of 1 EC2 instance) ? I read this article that explains it : https://dbseer.com/access-ec2-instance-private-subnet-internet/ – Lina May 27 '21 at 14:33
  • Yes, you can also use the Load Balancer for things like TLS termination and defense against some kinds of DDoS attacks. If this is the right solution for you depends on multiple factors and is a bit out of scope for this Q&A form ;-) – Maurice May 27 '21 at 14:36
  • 2
    Alternatively, put the instance in a Public Subnet and be careful about configuring the Security Group so that access is limited to only the ports/IP addresses needed. – John Rotenstein May 27 '21 at 23:52

0 Answers0