1
votes

I am currently getting my hands dirty with AWS VPC and have stumbled upon a scenario in peering.

I had created two VPCs - VPC1, VPC2. VPC1 has a public subnet and an EC2 Linux instance. VPC2 has a private subnet and an EC2 Linux instance.

I have established peering between the two VPCs and was able to access the EC2 instance on VPC1 from my local machine and then connect to EC2 instance on VPC2 from it.

I had a rule on the security group of the EC2 instance on the private subnet to allow ALL SSH connectivity to it (without this I wasn't able to connect between the instances).

Now instead of having the second instance on a private subnet, I modified the subnet to be a public one and am able to connect to the EC2 instance on it from an EC2 instance on non-peer VPC as well.

My question :

  1. How is it that I am able to connect to public subnets between non-peered connections? Can I decipher that public subnets in the same region don't require a peering connection set up in order to connect?
1
It depends on what you mean by "public subnets". If you mean subnets with a default route through an internet gateway, public IPs will always be reached through the public network. The corresponding private IPs could still be reached through the peering connection. - Daniel Farrell

1 Answer

1
votes

The public IPs of EC2 instances in public subnets are accessible from wherever their NACLs and Security Groups allow. If those allow internet-wide access, that would include anything in AWS. You'd need to peer if you wanted to connect to an EC2 instance's private IP from another VPC.
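The reachability rule in the answer, modelled as an added example (this is not code from the question, the answer, or any AWS SDK): a connection to a public IP goes through the Internet Gateway and succeeds wherever the destination security group admits the source's public address, while a connection to a private IP in another VPC needs a peering route in both VPCs. The VPC names, CIDRs, IP addresses and the `peers` bookkeeping are constructed sample data; the ingress rule dictionaries are shaped like the `IpPermissions` entries returned by `describe_security_groups`, but are hand-written here. NACLs and NAT gateways are deliberately left out of the model.

```python
"""Simplified model of EC2 reachability over the public (IGW) and private (peering) paths."""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Vpc:
    name: str
    cidr: str
    # Names of VPCs this one is peered with AND has a route to (assumed bookkeeping, not an AWS field)
    peers: set = field(default_factory=set)


@dataclass
class Instance:
    name: str
    vpc: Vpc
    private_ip: str
    public_ip: Optional[str]   # None when the subnet has no route to an Internet Gateway
    sg_ingress: list           # boto3-style IpPermissions entries (constructed samples below)


def sg_allows(ingress, port, src_ip):
    """True if any ingress rule admits TCP `port` from `src_ip`."""
    ip = ipaddress.ip_address(src_ip)
    for perm in ingress:
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        if proto == "tcp" and not (perm["FromPort"] <= port <= perm["ToPort"]):
            continue
        for r in perm.get("IpRanges", []):
            if ip in ipaddress.ip_network(r["CidrIp"]):
                return True
    return False


def can_connect(src, dst, target_ip, port=22):
    """Return (reachable, reason) for src connecting to dst at target_ip."""
    if target_ip == dst.public_ip:
        # Public path: traffic leaves via src's IGW, so dst's SG sees src's public IP.
        if src.public_ip is None:
            return False, "source has no public IP (private subnet, no IGW route)"
        if not sg_allows(dst.sg_ingress, port, src.public_ip):
            return False, "destination SG does not admit source public IP"
        return True, "public path via Internet Gateway; peering not involved"
    if target_ip == dst.private_ip:
        if src.vpc is dst.vpc:
            path = "same VPC"
        elif dst.vpc.name in src.vpc.peers and src.vpc.name in dst.vpc.peers:
            path = "VPC peering"
        else:
            return False, "no route to private IP: VPCs are not peered"
        if not sg_allows(dst.sg_ingress, port, src.private_ip):
            return False, "destination SG does not admit source private IP"
        return True, f"private path via {path}"
    return False, "target IP does not belong to destination instance"


def audit_ssh_exposure(ingress):
    """Flag SSH ingress rules open to the whole internet (the 'allow ALL SSH' rule in the question)."""
    findings = []
    for perm in ingress:
        proto = perm.get("IpProtocol")
        covers_ssh = proto == "-1" or (proto == "tcp" and perm["FromPort"] <= 22 <= perm["ToPort"])
        if not covers_ssh:
            continue
        for r in perm.get("IpRanges", []):
            if ipaddress.ip_network(r["CidrIp"]).prefixlen == 0:
                findings.append(f"SSH open to {r['CidrIp']}")
    return findings


# --- constructed sample topology (assumed values, not taken from the question) ---
VPC1 = Vpc("VPC1", "10.0.0.0/16")
VPC2 = Vpc("VPC2", "10.1.0.0/16")
VPC3 = Vpc("VPC3", "10.2.0.0/16")          # never peered with anything
VPC1.peers.add("VPC2")
VPC2.peers.add("VPC1")

SSH_WORLD = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
SSH_FROM_VPC1 = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                  "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]   # hardened: peer CIDR only

bastion = Instance("vpc1-bastion", VPC1, "10.0.1.10", "203.0.113.10", SSH_WORLD)
target_private = Instance("vpc2-private", VPC2, "10.1.1.20", None, SSH_WORLD)
target_public = Instance("vpc2-public", VPC2, "10.1.2.20", "198.51.100.20", SSH_WORLD)
target_hardened = Instance("vpc2-hardened", VPC2, "10.1.3.20", "198.51.100.30", SSH_FROM_VPC1)
outsider = Instance("vpc3-host", VPC3, "10.2.1.30", "192.0.2.30", SSH_WORLD)

if __name__ == "__main__":
    for s, d, ip in [(bastion, target_private, "10.1.1.20"),
                     (outsider, target_private, "10.1.1.20"),
                     (outsider, target_public, "198.51.100.20"),
                     (outsider, target_hardened, "198.51.100.30"),
                     (bastion, target_hardened, "10.1.3.20")]:
        print(f"{s.name} -> {d.name} ({ip}):", can_connect(s, d, ip))
    print("audit:", audit_ssh_exposure(SSH_WORLD), audit_ssh_exposure(SSH_FROM_VPC1))
```

The `target_hardened` case is the practical takeaway: with SSH restricted to the peer VPC's CIDR, the instance is reachable from VPC1 over peering via its private IP, while the same instance's public IP is no longer reachable from an unrelated VPC, and `audit_ssh_exposure` points out the `0.0.0.0/0` rule that made the non-peered connection in the question possible.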