I just want to ask about a scenario. I am planning to create a simple architecture.
I will create only one VPC and two EC2 instances, one in a public subnet and the other in a private subnet.
I will deploy my Vue.js app on the public subnet, and I will deploy my REST APIs and database on the private subnet.
As I said, they will be in the same VPC.
In this scenario, will I need a NAT gateway? Or is there no need for a NAT gateway between private and public subnets within a single VPC? I ask because in the AWS pricing it is written that you do not pay for a VPC but you do pay for a NAT gateway.
Best
CodePudding user response:
Inside the VPC, as long as the security groups allow it, you can communicate between the different private and public subnets.
But here I have a concern. If the VueJS app runs in the user's browser, then it will contact the API over the internet, and then the API needs to be publicly accessible. So "in the public subnet" (or behind an ALB that is public).
One usual way to achieve this as natively as possible is by putting the VueJS app in an S3 bucket (almost no cost), with a CloudFront distribution, and having API Gateway or AppSync serve your API. Only your database, if it is RDS, would use the VPC.
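
The first point of the answer, sketched as a CloudFormation template (an added example, not part of the original post): traffic between the two subnets uses the VPC's implicit local route, so no NAT gateway resource appears, and the private tier's security group admits only members of the public tier's group. The resource names, CIDR ranges and API port 8080 are assumptions; the internet gateway and public route table are omitted.

```yaml
# Constructed example: names, CIDRs and port 8080 are assumptions.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  Vpc:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref Vpc
      CidrBlock: 10.0.1.0/24
      MapPublicIpOnLaunch: true
  # No route table is attached here, so this subnet uses the VPC main
  # route table, which carries only the local 10.0.0.0/16 route.
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref Vpc
      CidrBlock: 10.0.2.0/24
  # Public tier: HTTPS from anywhere.
  WebSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Public web instance
      VpcId: !Ref Vpc
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
  # Private tier: API port open only to instances that belong to WebSg,
  # not to the whole VPC CIDR and not to the internet.
  ApiSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Private API and database instance
      VpcId: !Ref Vpc
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 8080
          ToPort: 8080
          SourceSecurityGroupId: !GetAtt WebSg.GroupId
```

This rule only covers calls made from the public instance to the private one; it does not make the API reachable from a browser. A NAT gateway becomes relevant only when the private instance has to open outbound connections to the internet, for example to download package updates.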