Are there any problem to set MapPublicIpOnLaunch of public subnets to FALSE? #2451
-
|
I launch ECS tasks in 'private' subnets, launch load balancer and NAT Gateways in 'public' subnets using following settings of Load Balanced Web Service manifest. The problem is the 'public' subnets Copilot-generated is set
|
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi zkohi!!
If set to
So whether it's turned off or not is mostly about the time at which (during vs. after launch) your instances receive a public IP address, and whether it has to be elastic or not. To address your question:
This will depend on your use case. If you will want to launch a service that needs to talk to the internet inside the public subnets, then keeping it Your existing service launched in the
There is no native way to do that at this moment 🙇🏼. If you prefer your instance without a public IP while still having the ability to talk to the internet, it's recommended that you launch them in the 'private' subnets (which is exactly what you are doing!). |
Beta Was this translation helpful? Give feedback.
-
|
Hi Lou1415926. Thank you for your answer! |
Beta Was this translation helpful? Give feedback.
Hi zkohi!!
MapPublicIpOnLaunchis set true so that instances in those subnets are automatically assigned a public address, which is required for them to communicate with the internet.If set to
FALSE, future instances (for example, your service's tasks) launched in that subnet will not receive a public address during launch. You can still manually assign the instance a public IP after launch, but you will have to use an Elastic IP address, as noted in this doc: