- Newest
- Most votes
- Most comments
Disabling auto-assignment of public IP addresses on a public subnet can have several consequences and implications for various AWS services:
-
EC2 Instances: As you correctly noted, for EC2 instances, you can still manually assign public IP addresses during instance launch using the
--associate-public-ip-address
flag in the CLI, even if auto-assignment is disabled at the subnet level. This gives you more control over which instances receive public IP addresses. -
Load Balancers: For load balancers, the behavior is different. Internet-facing load balancers require public IP addresses to function properly. If you disable auto-assignment of public IP addresses on the subnet, it doesn't prevent the load balancer from getting a public IP address. Internet-facing load balancers will still receive public IP addresses regardless of the subnet's auto-assign public IP setting.
-
Other Services: The impact on other AWS services can vary:
- RDS instances in public subnets may not automatically receive public IP addresses if auto-assignment is disabled.
- NAT Gateways require public IP addresses and may be affected if auto-assignment is disabled.
- Elastic IP addresses can still be manually associated with resources regardless of the auto-assignment setting.
-
General Implications:
- Increased manual configuration: You'll need to explicitly specify when you want resources to have public IP addresses.
- Better control over public IP usage: This can help manage costs related to public IP addresses and improve security by limiting unintended public accessibility.
- Potential connectivity issues: If you forget to manually assign public IPs where needed, it could lead to connectivity problems for resources that require internet access.
It's important to note that disabling auto-assignment of public IP addresses doesn't make the subnet private. The subnet remains public if it has a route to an Internet Gateway. The auto-assign setting just controls the default behavior for new resources launched in that subnet.
When managing public IP addresses, consider using Elastic IP addresses for resources that require consistent public IP addresses, as they provide more flexibility and control.
Sources
Amazon EC2 instance IP addressing - Amazon Elastic Compute Cloud
subnet-auto-assign-public-ip-disabled - AWS Config
I want to disable IPv4 address allocation for load balancer subnet and stop charging. | AWS re:Post
IP addressing for your VPCs and subnets - Amazon Virtual Private Cloud
Relevant content
- Accepted Answerasked 2 years ago
- asked 6 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago