如何設定AWS VPC讓外界連線到EC2

整理一下供日後參考

在這篇文章裡面的「 Enable internet access 」章節提到提到讓外界連到 EC2 ：

• Create an internet gateway and attach it to your VPC.
• Add a route to your subnet’s route table that directs internet-bound traffic to the internet gateway.
• Ensure that instances in your subnet have a globally unique IP address (public IPv4 address, Elastic IP address, or IPv6 address).
• Ensure that your network access control lists and security group rules allow the relevant traffic to flow to and from your instance.

其中第二點就是在 Route table 增加一條 destination 0.0.0.0/0 到 target igw 的 rule，並確定該 route table 有跟 subnet 有關聯（說明：即使沒有手動關聯 subnet，subnet 也會自動與 Main route table 關聯）

Each subnet in your VPC must be associated with a route table. A subnet can be explicitly associated with custom route table, or implicitly or explicitly associated with the main route table.

https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html#route-table-assocation

也可以看這位大大的解說，比較容易理解：

另外上面的影片，那位仁兄也有提到 NACLs 跟 Security group 的差別，這些內容在這篇文章也看的到