This repository has been archived by the owner. It is now read-only.

Disallow accessing internal EC2 instances which have a public IP #40

Open
hjacobs opened this issue May 19, 2016 · 0 comments

hjacobs commented May 19, 2016

Apparently you can assign a public IP to EC2 instances in the "internal" (private) subnets. Nobody should do this, but it's technically possible.
This will allow sending data to private EC2 instances (e.g. via UDP), but the route back will not work (due to NAT).

We should configure ACLs appropriately to avoid this.
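
As an added example (not part of the original issue or the project's own code), a check that finds the condition described above: instances in internal subnets that carry a public IP, including one attached only to a network interface. It assumes a subnet counts as internal when its effective route table has no route through an internet gateway; all IDs and addresses are constructed.

```python
# Added example. IDs and addresses are constructed; dict shapes follow the
# EC2 DescribeRouteTables / DescribeInstances responses.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-dmz", "VpcId": "vpc-1",
     "Associations": [{"SubnetId": "subnet-dmz"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1"}]},
]
INSTANCES = [
    {"InstanceId": "i-dmz", "VpcId": "vpc-1", "SubnetId": "subnet-dmz",
     "PublicIpAddress": "203.0.113.5"},
    {"InstanceId": "i-int-clean", "VpcId": "vpc-1", "SubnetId": "subnet-int"},
    {"InstanceId": "i-int-bad", "VpcId": "vpc-1", "SubnetId": "subnet-int",
     "PublicIpAddress": "203.0.113.10"},
    {"InstanceId": "i-int-eni", "VpcId": "vpc-1", "SubnetId": "subnet-int",
     "NetworkInterfaces": [{"Association": {"PublicIp": "203.0.113.11"}}]},
]

def effective_route_table(subnet_id, vpc_id, route_tables):
    """Explicit subnet association wins; otherwise the VPC's main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main") and rt["VpcId"] == vpc_id:
                main = rt
    return main

def is_internal(subnet_id, vpc_id, route_tables):
    """Assumption: 'internal' means no route through an internet gateway."""
    rt = effective_route_table(subnet_id, vpc_id, route_tables) or {}
    return not any((r.get("GatewayId") or "").startswith("igw-")
                   for r in rt.get("Routes", []))

def public_ips(instance):
    """Collect public IPs from the instance and from every attached interface."""
    ips = {instance.get("PublicIpAddress")}
    ips |= {eni.get("Association", {}).get("PublicIp")
            for eni in instance.get("NetworkInterfaces", [])}
    return ips - {None}

def find_violations(instances, route_tables):
    """Return sorted (instance_id, public_ip) pairs for internal-subnet instances."""
    return sorted((i["InstanceId"], ip) for i in instances
                  if is_internal(i["SubnetId"], i["VpcId"], route_tables)
                  for ip in public_ips(i))
```

`find_violations(INSTANCES, ROUTE_TABLES)` reports the two internal instances with public addresses and ignores the instance in the subnet that routes through the internet gateway.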
