AWS Public and Private Hosted Services
Learn the differences between AWS public and private hosted services.
We'll cover the following
AWS public hosted services
Public hosted services in AWS can be thought of as services that, with the proper access rights and permissions, can be accessed through the public internet using an AWS service endpoint.
For instance, the AWS Simple Storage Service, also known as S3, is a global service that can be accessed from the public internet after assuming the relevant user rights and permissions.
Similar to S3, a few other examples of public AWS services are IAM, SNS, and SQS.
AWS private hosted services
In terms of networking, private hosted services in AWS refer to those services that, unless otherwise configured, are inaccessible from the public internet. A private network in AWS is set up to restrict any services operating inside an isolated network from interacting with the rest of the internet.
Amazon VPC forms the backbone of a secure, private network where services that need to be restricted from public access can operate.
Every resource in a custom VPC has a default restriction against being accessed over the public internet; further configuration is required to enable public access.
Examples of services that operate from within a VPC include EC2, EKS, RDS, etc.
Need for AWS private services
Consider the following scenario: we want to host a business-critical web application that processes business-critical data stored in the AWS Relational Database Service (RDS). An Application Load Balancer (ALB) is used to load balance the application across several EC2 virtual machines.
Should we host our virtual server and databases in a publicly accessible network, though access restrictions can also be applied there, or in an isolated private network that can’t be accessed from any other network unless configured?
It is extremely important to host application-related resources, such as databases and virtual machines, in a private network rather than in a public network to maintain data protection and web application security, thereby reducing the attackable surface.
Get hands-on with 1400+ tech skills courses.