Port 22, 80, and 443 open?

Hi all

I am new to deployment and infrastructure & network. I am trying to learn how to deploy Retool on an AWS EC2 setup. As per the instructions, we have to enable inbound traffic on 22, 80 and 443 to 0.0.0.0. If I host Retool in a private subnet, with a public subnet with a load balancer to allow public traffic in, do I still need to allow all inbound sources in Retool?

Thanks.

Hi @yikl! Welcome to the community. :wave:

If I understand the question correctly, it's not necessary to open up those ports to all inbound traffic but they do need to at least allow ingress from your load balancer. It shouldn't really make a difference, though, if it is contained within your private subnet.

I personally find this diagram to be super helpful for setting up AWS infrastructure, as it clearly outlines which networking components you'll need in order to correctly route traffic to your private EC2 machine. Note that it doesn't have any reference to security groups, which you'll use to allow-list access to resources based on IP.

Let me know if you have any additional questions about getting set up on AWS! It can be a tricky process.
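
An added example, not part of the original thread: a small audit that reads security group rules in the JSON shape returned by `aws ec2 describe-security-groups` and reports which of ports 22, 80 and 443 accept traffic from every address, next to a group that only admits the load balancer's security group. The group IDs (`sg-instance-open`, `sg-instance-lb-only`, `sg-lb`) and the `10.0.0.0/16` range are constructed placeholders.

```python
import json

WATCHED = (22, 80, 443)            # ports named in the question
ANYWHERE = {"0.0.0.0/0", "::/0"}   # IPv4 and IPv6 "all sources"
# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and CIDRs are made-up placeholders.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupId": "sg-instance-open", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
   "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
 {"GroupId": "sg-instance-lb-only", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "UserIdGroupPairs": [{"GroupId": "sg-lb"}]},
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "UserIdGroupPairs": [{"GroupId": "sg-lb"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}]}
""")

def watched_ports(rule):
    """Watched ports covered by one ingress rule (port ranges, protocol -1)."""
    if rule.get("IpProtocol") == "-1":      # all protocols, all ports
        return list(WATCHED)
    if rule.get("IpProtocol") != "tcp":
        return []
    return [p for p in WATCHED if rule["FromPort"] <= p <= rule["ToPort"]]

def sources(rule):
    """CIDRs and referenced security group IDs that a rule admits."""
    out = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    out += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    out += [g["GroupId"] for g in rule.get("UserIdGroupPairs", [])]
    return out

def audit(data):
    """Map each group ID to {port: sorted sources} for the watched ports."""
    report = {}
    for group in data["SecurityGroups"]:
        ports = {}
        for rule in group.get("IpPermissions", []):
            for port in watched_ports(rule):
                ports.setdefault(port, set()).update(sources(rule))
        report[group["GroupId"]] = {p: sorted(s) for p, s in ports.items()}
    return report

def world_open(report):
    """(group, port) pairs that accept traffic from any address."""
    return sorted((g, p) for g, ports in report.items()
                  for p, srcs in ports.items() if ANYWHERE & set(srcs))

if __name__ == "__main__":
    print(world_open(audit(SAMPLE)))
```

To check a real account, save the CLI's JSON output to a file and pass `json.load(open(path))` to `audit` in place of `SAMPLE`.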