I have an AWS Landing Zone setup. My Shared Account contains an AWS Client VPN. My Network Account contains a Transit Gateway; this is shared with the Production Account, and the Production Account VPC is attached. My Production Account contains a VPC which initially had a Private Subnet and one EC2 Instance.
Initially my team wanted to log in to the EC2 and install some software. This setup was successful and my team has completed their work.
Now, due to some requirement changes (they have configured a Website over the Instance), I changed my Private Subnet to a Public Subnet by introducing an IGW entry in the Route Table. Also, I have attached an Elastic IP.
One of the other teams wanted to connect to this URL/Portal, so I have added their corporate VPN Public address to the Security Group. They are able to access the website/portal/URL easily.
Now my team wants to access the URL, but they are not able to access it, and I cannot make it Public or open to the world.
Other Configurations:
- Current Security Group contains Inbound All Traffic from AWS Client VPN and the Corporate VPN
- DNS entries and resolution are done by another team; they have made an entry for the Public IP and the URL to which it should resolve
What changes should I make so that my team can connect to the VPN and be able to access this portal/URL?