Issue
I'm using AWS EC2 (no other AWS services yet), and I have this setup:
Region 1 (N. Virginia): instance A, in VPC YYY, has public IP 123
Region 2 (S. Paulo): instance B, in VPC ZZZ, has public IP 456
I need to make a TCP request from instance B to instance A.
At first, I thought I would only need to add instance B's public IP (456) to the security group of instance A, but that didn't work (I couldn't establish a TCP connection as I expected).
I'm guessing that, between regions, another IP different from the public one is used when one instance tries to reach another, but not the private one since the private IP is local to the VPC (right?).
So, how to achieve this? What IP should I whitelist in the security group/firewall of instance A?
Or perhaps, in general, what's the best practice to do this? (connect two instances of different Regions/VPC between them).
Thanks!
Solution
Without knowing your VPC configuration, it is very difficult to comment. Most likely your instance B is in a private subnet of your VPC. Assuming you are running Linux, can you ping www.google.com from B? If you can, then curl www.whatsmyip.com will give you the public address of B (search for the IP in curl output). Use that IP to open the security group of A to allow traffic from B.
Answered By - helloV Answer Checked By - Timothy Miller (WPSolving Admin)
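The procedure in the answer, as an added example that is not part of the original thread: run on instance B, it looks up B's egress address, refuses anything in a private range, and opens A's security group to that single address on one TCP port. Assumptions: https://checkip.amazonaws.com is used for the lookup instead of the site named in the answer, us-east-1 is the region code for N. Virginia, and the security group ID and port are supplied by the caller.

```shell
#!/usr/bin/env bash
# Added example. The security group ID and TCP port are caller-supplied placeholders.

# Succeeds only for a well-formed IPv4 address outside the RFC 1918,
# loopback, link-local and carrier-grade NAT ranges.
is_public_ipv4() {
  ip=$1
  case $ip in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case $o in 0?*) return 1 ;; esac            # no leading zeros
    [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
  done
  case $1 in
    0|10|127) return 1 ;;
  esac
  [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 1
  [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 1
  [ "$1" -eq 169 ] && [ "$2" -eq 254 ] && return 1
  [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ] && return 1
  return 0
}

# Build the single-host (/32) CIDR to allow on A from B's observed address.
sg_cidr_for() {
  is_public_ipv4 "$1" || { echo "not a public IPv4 address: '$1'" >&2; return 1; }
  printf '%s/32\n' "$1"
}

# usage (on instance B): allow_b_on_a <security-group-id-of-A> <tcp-port>
allow_b_on_a() {
  # The address the outside world sees for B (its own public IP or a NAT's).
  egress_ip=$(curl -fsS --max-time 5 https://checkip.amazonaws.com | tr -d '[:space:]')
  cidr=$(sg_cidr_for "$egress_ip") || return 1
  # Allow one port from one address rather than a wide range.
  aws ec2 authorize-security-group-ingress --region us-east-1 \
    --group-id "$1" --protocol tcp --port "$2" --cidr "$cidr"
}
```

An auto-assigned public IP changes when the instance is stopped and started, so the rule stays valid only if B keeps the same address, for example through an Elastic IP.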