0

I have:

  • A web EC2 instance in the private subnet (connected to a NAT gateway)
  • A bastion EC2 instance in the public subnet (connected to the internet gateway)

I have tried many things to open the web application from a browser and have not succeeded:

  • When I used the bastion instance to access the web instance to create port forwarding [ ssh -i KEY -ND LOCAL-PORT ec2-user@BASTION-PUBLIC-IP ] it asked me for a passphrase which I don't have.
  • The key pair created by the AWS Console does not have a passphrase. When I used PuTTY Key Generator to create keys and imported them to the console, the console wouldn't accept them for a range of reasons, e.g. key too long, incompatible format, etc.
  • I tried to create a load balancer, but the subnets are required to be connected to the internet gateway (which private subnets are not).

Please help!

joe.moss
  • 1
  • 3
  • What is your end-goal? It appears that you want to expose the EC2 instance to the Internet? Do you want to do that for all ports? Why did you put it in a Private subnet if you want it to be publicly accessible? Would it be accessible only to you when you use SSH, or do you want it accessible to _everybody?_ – John Rotenstein Sep 25 '21 at 19:55

1 Answer

1

You can achieve this by provisioning an internet-facing load balancer (in a public subnet) and pointing this load balancer to the EC2 instance (in the private subnet) where your website is hosted. Make sure traffic is allowed in the EC2 instance's security group (inbound rules) from the load balancer's security group.

Randhir
  • 792
  • 7
  • 18
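The layout described in the answer above can be checked before going live. The following is an added example, not part of the original answer: a small audit over constructed data that confirms the load balancer is internet-facing and sits in subnets routed to an internet gateway, that the web instance's subnet stays private, and that the instance's security group admits the web port from the load balancer's security group rather than from 0.0.0.0/0. All IDs (`sg-alb`, `sg-web`, `subnet-*`, `igw-111`, `nat-222`) and the `ROUTES` map are assumptions made for illustration.

```python
# Constructed sample data, trimmed to the fields the audit reads. The ALB and
# security-group dicts follow the shape of boto3 describe_load_balancers /
# describe_security_groups output; ROUTES is a simplified subnet -> default-route map.
ALB = {"Scheme": "internet-facing", "SecurityGroups": ["sg-alb"],
       "AvailabilityZones": [{"SubnetId": "subnet-pub-a"}, {"SubnetId": "subnet-pub-b"}]}
ROUTES = {"subnet-pub-a": "igw-111", "subnet-pub-b": "igw-111", "subnet-priv-a": "nat-222"}
WEB_SG = {"GroupId": "sg-web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "UserIdGroupPairs": [{"GroupId": "sg-alb"}], "IpRanges": []}]}


def audit(alb, routes, web_sg, web_subnet, port):
    """Return a list of findings; an empty list means the layout matches the answer."""
    findings = []
    if alb["Scheme"] != "internet-facing":
        findings.append("load balancer is internal, so internet clients cannot reach it")
    for az in alb["AvailabilityZones"]:
        if not routes.get(az["SubnetId"], "").startswith("igw-"):
            findings.append(f"load balancer subnet {az['SubnetId']} has no route to an internet gateway")
    if routes.get(web_subnet, "").startswith("igw-"):
        findings.append(f"web subnet {web_subnet} is public; the instance should stay private")
    from_alb = False
    for perm in web_sg["IpPermissions"]:
        # Protocol "-1" means all traffic and carries no port range.
        if perm["IpProtocol"] not in ("tcp", "-1"):
            continue
        if not perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535):
            continue
        if any(p["GroupId"] in alb["SecurityGroups"] for p in perm.get("UserIdGroupPairs", [])):
            from_alb = True
        if any(r["CidrIp"] == "0.0.0.0/0" for r in perm.get("IpRanges", [])):
            findings.append(f"{web_sg['GroupId']} opens port {port} to 0.0.0.0/0 instead of the load balancer's group")
    if not from_alb:
        findings.append(f"{web_sg['GroupId']} has no inbound rule for port {port} from the load balancer's group")
    return findings


if __name__ == "__main__":
    for finding in audit(ALB, ROUTES, WEB_SG, "subnet-priv-a", 80) or ["no findings"]:
        print(finding)
```

With real infrastructure, the same dictionaries can be filled from the corresponding describe calls and the route tables of each subnet.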