I configured a load balancer and autoscaling in AWS. I want the instances in my autoscaling group to use the same IP for outgoing traffic, so I configured a NAT gateway.
Good, it works well.
But, now, I cannot SSH directly to the instances in the autoscaling group using their public IP address.
So, is there a way to use a NAT gateway for outgoing traffic and the instance's public IP address for incoming SSH traffic at the same time?
Thank you for your help!
CodePudding user response:
If your goal is just to SSH into the system, then the best approach is via AWS Systems Manager. Your servers remain in the private network and you don't have to manage complex networking to achieve this.
If you use SSM, then you don't have to worry about the public IP of your system at all. No need for an Elastic IP either.
Here's documentation that shows how to use Systems Manager to SSH into EC2 instances: https://aws.amazon.com/premiumsupport/knowledge-center/systems-manager-ssh-vpc-resources/
CodePudding user response:
So, is there a way to use at the same time a NAT gateway for outgoing traffic and IP public instance address for SSH ingoing traffic?
Since you are using NAT, your instances are in a private subnet, which means there is no direct access to them through the Internet. However, you can use ssh through SSM Session Manager:
The other way is to set up a bastion host in a public subnet, and jump through it. But SSM is the newer and more secure way of accessing resources in private subnets.
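
The SSH-over-Session-Manager setup that both answers point to, as an added example that is not part of the original answers: a client-side `~/.ssh/config` stanza. The user name and key path are assumptions; it also assumes the AWS CLI and Session Manager plugin are installed on the workstation, and that the instances run the SSM Agent with an instance profile that permits Systems Manager.

```sshconfig
# ~/.ssh/config on the workstation (added example, not from the answers above).

# Match EC2 instance IDs (i-*) and hybrid managed nodes (mi-*): the "host"
# given to ssh is the instance ID, so no public or Elastic IP is involved.
Host i-* mi-*
    # Carry the SSH connection inside a Session Manager session. The SSM Agent
    # on the instance opens the session outbound over HTTPS, which the NAT
    # gateway already allows, and forwards it to the local sshd port.
    ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"

    # Assumption: default user on Amazon Linux; adjust for your AMI.
    User ec2-user

    # Assumption: placeholder path to the private key for the instance's key pair.
    IdentityFile ~/.ssh/my-key.pem
```

With this in place, `ssh i-0123456789abcdef0` (a constructed instance ID) reaches an instance in the private subnet while sshd still authenticates the key as usual.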