Have a VPC with a private subnet. Inside the VPC, am looking to update latest
Anaconda packages using Conda which involves downloading the latest updates from internet. Since my VPC has no internet access, what is the recommended approach.
Asked
Active
Viewed 671 times
0
John C
- 135
- 5
1 Answers
3
Simplest approach would be to add an internet gateway, create a new Public subnet with a default (0.0.0.0/0) route to the internet via the new internet gateway. Then deploy a NAT gateway into the new public subnet. Then update the route table on your private subnet with a default route via the NAT Gateway.
If you want more control over what access to the internet your private instance has (e.g. limit it to only be able to reach a specific package repository), you can either restrict it's outbound security group (although this can be a pain to manage) or substitute the NAT Gateway service for a NAT instance with a restricted security group or for your own proxy where you can apply more granular rules - however in both cases these don't have the native HA capability of the NAT gateway, although for simply package updates that might not be a concern.
Alex Moore
- 1,654
- 4
- 11