Public versus private subnets

When you set up a cloud environment for analytics, you are creating your own networking environment. You, or hopefully a skilled network guru, will need to define the networking structure. A basic component of this is the concept of subnets.

Subnets are logical subdivisions of the overall network in your cloud environment. You launch resources into a subnet where it will follow the internet addressing rules defining for the subnet. A public subnet has resources that can be addressable from the outside internet. This does not mean that all resources in the subnet can be found from the outside; you would need to assign a public IP address to it first.

A private subnet is not addressable from the outside internet. There are methods to allow internet communication through a gateway device, usually a Network Address Translation (NAT) device, but an outside object cannot initiate communication directly with something in a private subnet.

Most analytic processing should happen in a private subnet for security reasons, which adds some complexity in connecting with resources. This is why we are discussing it here. However, it is more than worth it to secure it from mischief. Know which of your subnets are private and make sure to spin up new resources there.