I'm a beginner working on an AWS infrastructure diagram for my assignment, and I'm unsure whether my EC2 instances are set up in a public or private subnet. I haven't created an Internet Gateway for my instances. I have a launch template that automatically installs Python and Flask on each instance. I've also configured a security group that allows inbound traffic on ports 5000, 80, and SSH. When I access http://:5000 from my browser, I see 'Hello World!', which indicates that everything is working as intended. Based on this setup, do you think my instances are in a public subnet, and is there a default Internet Gateway in place allowing access to port 5000?
3 Answers
Since you can connect to your instance from the internet, it definitely resides in a public subnet. It looks like you’re using the default VPC, which by default has an Internet Gateway attached.
If your web app is accessible through the public IP, then yes, your instances are in a public subnet. You can check the subnet route table to confirm this. There’s likely an Internet Gateway connected, even if you didn’t set one up yourself.
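The route table check suggested in the answer above, as an added example that is not part of the original answers: it classifies a subnet from data in the shape returned by `aws ec2 describe-route-tables`, including the fallback to the VPC's main route table when the subnet has no explicit association. The function names, the sample data and all IDs are constructed for illustration, and the tables are assumed to be already filtered to the subnet's VPC.

```python
# Constructed sample in the shape of `aws ec2 describe-route-tables` output
# for one VPC; every ID below is a placeholder, not a value from the post.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main-example",
     "Associations": [{"Main": True}],
     "Routes": [
         {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-private-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-private-example"}],
     "Routes": [
         {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example", "State": "active"}]},
]

DEFAULT_DESTINATIONS = ("0.0.0.0/0", "::/0")


def effective_table(subnet_id, tables):
    """Return the table explicitly associated with the subnet, else the main table."""
    main = None
    for table in tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def default_route_target(table):
    """Return the target of an active default route, or None if there is none."""
    for route in table.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in DEFAULT_DESTINATIONS and route.get("State") == "active":
            return route.get("GatewayId") or route.get("NatGatewayId")
    return None


def classify(subnet_id, tables):
    """'public' if the subnet's default route points at an Internet Gateway."""
    table = effective_table(subnet_id, tables)
    if table is None:
        return "unknown"
    target = default_route_target(table)
    return "public" if target and target.startswith("igw-") else "private"


if __name__ == "__main__":
    for subnet in ("subnet-default-example", "subnet-private-example"):
        print(subnet, classify(subnet, ROUTE_TABLES))
```

A subnet classified as public only makes an instance reachable from the internet if the instance also has a public IP address and a security group rule that allows the port.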
You're probably in a public subnet, especially since the script that installs Python and Flask likely pulls from the internet. If you can SSH into it and hit it from the browser, you're good. Just remember, for more secure access, consider using SSM Session Manager instead of SSH.
Great point! Using SSM is a safer way to manage instances without opening SSH.