Private subnets are subnets that have no direct path to the internet: the route table they use contains no route to an internet gateway. Traffic that must leave the VPC is instead sent to a NAT gateway that sits in a public subnet of the same VPC, so it is the route table, not the subnet itself, that makes a subnet public or private. Let's understand how to position our Lambda functions inside private subnets to add an extra layer of security (keep in mind that a Lambda function attached to a private subnet can reach the internet and regional AWS services only through that NAT gateway or through VPC endpoints):
- Subnets created in the AWS console are not private by default: a new subnet is associated with the VPC's main route table, and in a default VPC that table carries a 0.0.0.0/0 route to the internet gateway. Let's evaluate and confirm this by going through the details of the subnet that we just created:
- Clicking on the Route Table tab will show us the routing settings of our subnet, which tell us where traffic leaving the subnet is sent. A 0.0.0.0/0 route whose target is an internet gateway (igw-...) is what makes the subnet public:
- In the Network ACL tab, you can see the network rules assigned to our subnet. Here, we can see that the default network ACL allows all inbound and outbound traffic (0.0.0.0/0). An allow-all ACL by itself does not make the subnet public; what does is the internet gateway route we saw in the route table, so making the subnet private means associating it with a route table that has no such route (typically one whose 0.0.0.0/0 route points at a NAT gateway instead). Tightening the network ACL is a separate, defence-in-depth step, which we take next:
- Go to the Network ACLs console by...
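To make the public/private distinction above concrete, here is an added example (not code from the book or from AWS) that applies the route-table rule to data shaped like boto3's `describe_route_tables()` and `describe_subnets()` responses. The VPC, subnet, gateway and route-table IDs are constructed, as is the Lambda `VpcConfig`; the helper names are the author's own. It also shows why the network ACL is not part of the check: a subnet with an allow-all ACL is still private as long as its route table has no internet gateway route.

```python
"""Classify VPC subnets as public or private from EC2 describe_* output.

Rule (AWS VPC documentation): a subnet is public when the route table it
uses has a 0.0.0.0/0 or ::/0 route whose target is an internet gateway
(igw-...). Network ACL entries do not affect this classification.
"""
from typing import Dict, List, Optional

# Constructed sample data in the shape of describe_route_tables();
# every identifier below is hypothetical.
ROUTE_TABLES = [
    {   # main table of the VPC: default route to an internet gateway
        "RouteTableId": "rtb-0main",
        "VpcId": "vpc-0example",
        "Associations": [{"Main": True, "RouteTableId": "rtb-0main"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"},
        ],
    },
    {   # private table: default route to a NAT gateway in a public subnet
        "RouteTableId": "rtb-0private",
        "VpcId": "vpc-0example",
        "Associations": [
            {"Main": False, "SubnetId": "subnet-0private", "RouteTableId": "rtb-0private"}
        ],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"},
        ],
    },
]

# Constructed sample data in the shape of describe_subnets().
# subnet-0public has no explicit association, so it falls back to the main table.
SUBNETS = [
    {"SubnetId": "subnet-0public", "VpcId": "vpc-0example"},
    {"SubnetId": "subnet-0private", "VpcId": "vpc-0example"},
]

# Constructed Lambda VpcConfig (shape of get_function_configuration()['VpcConfig']).
LAMBDA_VPC_CONFIG = {"SubnetIds": ["subnet-0public", "subnet-0private"]}


def route_table_for(subnet: dict, route_tables: List[dict]) -> Optional[dict]:
    """Return the route table a subnet uses: an explicit association wins,
    otherwise the VPC's main route table (AWS's implicit association)."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def is_public(route_table: dict) -> bool:
    """True when an active default route targets an internet gateway.
    NAT gateways (nat-...) and egress-only gateways (eigw-...) do not count:
    they allow outbound traffic only, which is exactly what a private subnet wants."""
    for route in route_table.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        target = route.get("GatewayId", "")
        if dest in ("0.0.0.0/0", "::/0") and target.startswith("igw-") and route.get("State") == "active":
            return True
    return False


def classify(subnets: List[dict], route_tables: List[dict]) -> Dict[str, str]:
    """Map each subnet ID to 'public' or 'private'."""
    result = {}
    for subnet in subnets:
        rt = route_table_for(subnet, route_tables)
        result[subnet["SubnetId"]] = "public" if rt and is_public(rt) else "private"
    return result


def non_private_lambda_subnets(vpc_config: dict, classification: Dict[str, str]) -> List[str]:
    """Subnet IDs in a Lambda VpcConfig that are not private (an unknown
    subnet is reported too, since it cannot be shown to be private)."""
    return [sid for sid in vpc_config.get("SubnetIds", []) if classification.get(sid) != "private"]


if __name__ == "__main__":
    classes = classify(SUBNETS, ROUTE_TABLES)
    for subnet_id, kind in classes.items():
        print(f"{subnet_id}: {kind}")
    offenders = non_private_lambda_subnets(LAMBDA_VPC_CONFIG, classes)
    print("Lambda subnets that are not private:", offenders)
```

Against real accounts, replace the constructed lists with the `RouteTables`, `Subnets` and `VpcConfig` fields of the corresponding boto3 calls; the classification logic is unchanged. If `non_private_lambda_subnets` returns anything, the function is attached to a subnet with an internet gateway route, and the fix is to move it to a subnet whose route table routes 0.0.0.0/0 to a NAT gateway (or has no default route at all), not to edit the network ACL.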