AWS Certified Solutions Architect - Associate (SAA-C02)

Inbound/Outbound in NACL from home network

I am revising Chapter 9 – VPC, the lessons on NACL and VPC Endpoint. For the customer NACL, first I tried exactly what Ryan taught us. Both Inbound and Outbound had the rules as mentioned in the session (particularly, SSH-22 with source as with ALLOW, rule #200). The subnet association is with the public subnet. Now, as per the lesson, we have 2 EC2s – one in public (webserver) and another in private (db). The plan is to connect to the db server in pvt via the webserver. But, on changing the NACL, the connection no longer happens. Only when I remove the NACL association with the public subnet am I able to connect to the db from the webserver. Please advise what I am missing.

0 Answers

