How to make an AWS static website visible to my firm only
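I have successfully hosted a web page on an Amazon S3 bucket. How can I make it available to my firm alone? Is VPC what I should be looking for? Is it possible to add Auth0 on top of this? The web page is simple HTML, CSS, JavaScript and jQuery. Nothing fancy.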
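You would need to define "to my company".
For example:
- It could be that the whole world can access the website, but a password is required (which people in your company know)
- It could be that the website is only accessible from the IP addresses your company uses to access the Internet
- It could be that you create a network connection between AWS and your corporate network, so that the site is only accessible from the corporate network (like an internal application)
The configuration to use depends on how you wish to serve and secure the application. For example, security groups can restrict access to a limited range of IP addresses. Be sure to talk to your network administrator to determine how you wish to proceed.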
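An added example, not part of either answer: one way to implement the "company IP addresses only" option for an S3-hosted site is a bucket policy conditioned on `aws:SourceIp`. The bucket name and the CIDR below are constructed placeholders, and `build_policy` / `would_allow` are hypothetical helper names. The builder rejects RFC 1918 ranges because S3 sees the public egress address of an Internet request, never an internal one.

```python
import ipaddress
import json

# RFC 1918 private ranges: S3 never sees these as aws:SourceIp on Internet requests.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def build_policy(bucket, office_cidrs):
    """Return a bucket policy allowing s3:GetObject only from office_cidrs."""
    cidrs = []
    for cidr in office_cidrs:
        # strict=True raises ValueError on typos such as host bits set in the range
        net = ipaddress.ip_network(cidr, strict=True)
        if net.version == 4 and any(net.overlaps(r) for r in RFC1918):
            raise ValueError(f"{cidr} is RFC 1918 space; use the public egress range")
        if net.prefixlen == 0:
            raise ValueError("a /0 range would make the site public")
        cidrs.append(str(net))
    if not cidrs:
        raise ValueError("at least one CIDR is required")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowReadFromOfficeEgressOnly",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": {"IpAddress": {"aws:SourceIp": cidrs}},
        }],
    }


def would_allow(policy, source_ip):
    """Local approximation of the IpAddress condition, for reviewing a policy."""
    ip = ipaddress.ip_address(source_ip)
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        allowed = stmt["Condition"]["IpAddress"]["aws:SourceIp"]
        if any(ip in ipaddress.ip_network(c) for c in allowed):
            return True
    return False


if __name__ == "__main__":
    # Constructed sample values: placeholder bucket and a documentation-range CIDR.
    print(json.dumps(build_policy("example-intranet-site", ["203.0.113.0/24"]), indent=2))
```

The printed JSON is the document to attach to the bucket; `would_allow` only models the IP condition locally and does not replace testing against the real endpoint from inside and outside the office network.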
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html
Private IPv4 Addresses and Internal DNS Hostnames
A private IPv4 address is an IP address that's not reachable over the
Internet. You can use private IPv4 addresses for communication between
instances in the same network (EC2-Classic or a VPC). For more
information about the standards and specifications of private IPv4
addresses, see RFC 1918.
Note You can create a VPC with a publicly routable CIDR block that
falls outside of the private IPv4 address ranges specified in RFC
1918. However, for the purposes of this documentation, we refer to private IPv4 addresses (or 'private IP addresses') as the IP addresses
that are within the IPv4 CIDR range of your VPC. When you launch an
instance, we allocate a private IPv4 address for the instance using
DHCP. Each instance is also given an internal DNS hostname that
resolves to the private IPv4 address of the instance; for example,
ip-10-251-50-12.ec2.internal. You can use the internal DNS hostname
for communication between instances in the same network, but we can't
resolve the DNS hostname outside the network that the instance is in.
An instance launched in a VPC is given a primary private IP address in
the IPv4 address range of the subnet. For more information, see Subnet
Sizing in the Amazon VPC User Guide. If you don't specify a primary
private IP address when you launch the instance, we select an
available IP address in the subnet's IPv4 range for you. Each instance
in a VPC has a default network interface (eth0) that is assigned the
primary private IPv4 address. You can also specify additional private
IPv4 addresses, known as secondary private IPv4 addresses. Unlike
primary private IP addresses, secondary private IP addresses can be
reassigned from one instance to another. For more information, see
Multiple IP Addresses.
For instances launched in EC2-Classic, we release the private IPv4
address when the instance is stopped or terminated. If you restart
your stopped instance, it receives a new private IPv4 address.
For instances launched in a VPC, a private IPv4 address remains
associated with the network interface when the instance is stopped and
restarted, and is released when the instance is terminated.
If you create a custom firewall configuration in EC2-Classic, you must
create a rule in your firewall that allows inbound traffic from port
53 (DNS)—with a destination port from the ephemeral range—from the
address of the Amazon DNS server; otherwise, internal DNS resolution
from your instances fails. If your firewall doesn't automatically
allow DNS query responses, then you need to allow traffic from the IP
address of the Amazon DNS server. To get the IP address of the Amazon
DNS server, use the following command from within your instance: