[英]How cdk/cloudformation understand which subnet is PRIVATE OR PUBLIC?
I have three su.nets in AWS.我在 AWS 中有三个 su.net。
One is public because it has inte.net-gateway一个是公共的,因为它有 inte.net-gateway
And other two are not.而另外两个则不是。
However when cdk synth, there comes template cdk.context.json
但是当cdk synth时,有模板
cdk.context.json
It judges every three su.nets are Public
它判断每三个 su.net 是
Public
However other two are Isolated
in fact(without NAT gateway and public IP)然而另外两个实际上是
Isolated
的(没有NAT网关和公共IP)
Why cdk think they are Public
??为什么 cdk 认为它们是
Public
的?
"vpc-provider:account=678100XXXXXX:filter.vpc-id=vpc-0867d6797e62dd78b:region=ap-northeast-1:returnAsymmetricSubnets=true": {
"vpcId": "vpc-0867d6797e62dd78b",
"vpcCidrBlock": "10.0.0.0/24",
"availabilityZones": [],
"subnetGroups": [
{
"name": "Public",
"type": "Public",
"subnets": [
{
"subnetId": "subnet-0b5985476dee1f20c",
"cidr": "10.0.0.0/25",
"availabilityZone": "ap-northeast-1c",
"routeTableId": "rtb-02a749d8d4415bbfb"
},
{
"subnetId": "subnet-0fdd37150bfff91f0",
"cidr": "10.0.0.128/26",
"availabilityZone": "ap-northeast-1c",
"routeTableId": "rtb-02a749d8d4415bbfb"
},
{
"subnetId": "subnet-085c85398f27adbfd",
"cidr": "10.0.0.192/26",
"availabilityZone": "ap-northeast-1d",
"routeTableId": "rtb-02a749d8d4415bbfb"
}
]
}
]
}
}
Whether a su.net is public or private is determined by its route tables only. su.net 是公共的还是私有的仅由其路由表决定。 Public su.nets will have route tables to the inte.net gateway , whereas private su.nets will not.
公共 su.net 将具有到inte.net 网关的路由表,而私有 su.net 则没有。 Instead private su.nets may have routes to NAT gateways, but this still does not make them public su.nets.
相反,私有 su.net 可能有到 NAT 网关的路由,但这仍然不能使它们成为公共 su.net。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.