EKS pods cannot reach EC2 instance running in public subnet within the same VPC

amazon-web-services

Is there a way I can make an EKS Fargate node or an EC2 instance running in a private subnet connect to an EC2 instance running in the public subnet in the same VPC?

When I try a test from the VPC "Reachability Analyzer" for path from the ENI attached to NAT Gateway to the EC2 instance the test succeeds.

When I run curl from inside the EKS pod (which is essentially running as a node in the private subnet of the VPC) to the instance running in the public subnet of the same VPC, the command times out.

I'm running jetty bound to 0.0.0.0 port 28980 on that target EC2 public subnet instance.

Best Answer

The issue was this:

We want to restrict traffic to our VPN and to a Jenkins running on EKS; we were going about adding security groups to VMs, which was becoming hard to handle.

So we've moved all security rules to the VPC default security group, and any VM attached to the VPC has those rules. My assumption was that since VPCs allow all traffic within them, the private-to-public subnet ping wouldn't be an issue.

But that was not the case: I still had to add a rule with the VPC CIDR to the default security group of the VPC, and then it all worked.
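The fix the answer describes, scripted with the AWS CLI as an added example (not code from the question or the answer): look up the VPC's CIDR and its default security group, then add a single inbound rule for the Jetty port scoped to that CIDR rather than opening the group to 0.0.0.0/0. The VPC id, port and rule description are placeholders; the script assumes AWS CLI v2 with credentials already configured.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes AWS CLI v2 is installed
# and configured; the VPC id and port are passed in as arguments.
set -eu

# Build the --ip-permissions JSON for one TCP port, limited to one CIDR.
# Kept as a pure function so the rule shape can be reviewed before it is applied.
ip_permissions_json() {
  port="$1"; cidr="$2"; desc="$3"
  printf '[{"IpProtocol":"tcp","FromPort":%s,"ToPort":%s,"IpRanges":[{"CidrIp":"%s","Description":"%s"}]}]' \
    "$port" "$port" "$cidr" "$desc"
}

# Primary IPv4 CIDR of the VPC (e.g. 10.0.0.0/16), read from the API rather than hard-coded.
vpc_cidr() {
  aws ec2 describe-vpcs --vpc-ids "$1" \
    --query 'Vpcs[0].CidrBlock' --output text
}

# The VPC's default security group: the group named "default" in that VPC.
default_sg_id() {
  aws ec2 describe-security-groups \
    --filters "Name=vpc-id,Values=$1" "Name=group-name,Values=default" \
    --query 'SecurityGroups[0].GroupId' --output text
}

# Authorize inbound TCP on the given port from anywhere inside the VPC only.
add_vpc_local_rule() {
  vpc_id="$1"; port="$2"
  cidr=$(vpc_cidr "$vpc_id")
  sg=$(default_sg_id "$vpc_id")
  aws ec2 authorize-security-group-ingress \
    --group-id "$sg" \
    --ip-permissions "$(ip_permissions_json "$port" "$cidr" "intra-VPC access to jetty")"
  echo "added tcp/$port from $cidr to $sg"
}

# Print the resulting inbound rules so the change can be verified.
show_inbound_rules() {
  aws ec2 describe-security-group-rules \
    --filters "Name=group-id,Values=$1" \
    --query 'SecurityGroupRules[?IsEgress==`false`].[IpProtocol,FromPort,ToPort,CidrIpv4]' \
    --output table
}

# Usage: sh sg-vpc-rule.sh vpc-0123456789abcdef0 28980   (placeholder VPC id)
if [ "$#" -eq 2 ]; then
  add_vpc_local_rule "$1" "$2"
  show_inbound_rules "$(default_sg_id "$1")"
fi
```

The reason the original assumption failed is worth keeping in mind: the default security group's built-in inbound rule only allows traffic from resources that also carry that same group, and a Fargate pod's ENI uses the EKS cluster security group instead, so it is not covered. A VPC CIDR source rule, as in the answer, fixes that; a tighter alternative is to use the cluster security group id as the source instead of the CIDR, which limits the port to the EKS workloads rather than every address in the VPC.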