I'm not sure if this is the right sub to ask this question because this is about AWS VPC, but anyway... I'm trying to improve an existing Elastic Beanstalk setup. There's a dozen instances behind a load balancer. Each instance has a public IP, although I've now closed it off such that only the load balancer can connect to them. Question: what are the benefits or disadvantages of leaving the instances inside a public subnet? I can move the instances to a private subnet, but they will no longer have Internet access. We'll have to pay for a NAT Gateway. I can't understand why it's more expensive to use private-facing instances. Maybe I'm missing something?
No comments:
Post a Comment