undefined | Better HN

0 pointsSteveNuts2y ago0 comments

I'm shocked this isn't a feature of a VPC out of the box (shared internet bound traffic). You should only need a NAT gateway if you want the traffic to come out of a single set of external IPs that you control.

Almost all of my use cases I could easily ride out to the internet through a shared pipe (apt updates and such) and don't care whatsoever what IP that exits the AWS network from, since I'm not applying firewall rules or anything.

0 comments

patmcc2y ago

>>> and don't care whatsoever what IP that exits the AWS network from

You'll start to care pretty quickly if it's the same IP as a bad actor that's blocked everywhere.

ishanjain282y ago

So for this, Run your apps in public subnets that are attached to IGW.

zeroimpl2y ago

Which then requires each app to have a public IP, priced at $44/year starting soon

j / k navigate · click thread line to collapse