Connections between On-Premise and AWS
- Connections between on-premise and AWS can be made by using:
- VPN
- Direct Connect
VPN Connections
- AWS provides the following VPN connections:
- AWS Site-to-Site VPN
- AWS Client VPN
- AWS VPN CloudHub
- Third-party software VPN appliance
AWS Site-to-Site VPN
Basic Components of Site-to-Site VPN
- Virtual Private Gateway
- Transit Gateway
- Customer Gateway device
- Customer gateway
Basic connection

Concepts:
- VPN Connection: A secure connection between on-premise devices and your VPC
- VPN tunnel: An encrypted link where data can pass from the customer network to AWS.
- Customer gateway: An AWS resource which provides information about the customer gateway device located on-premise
Virtual Private Gateway:
- It is the VPN connector on the AWS side of the Site-to-Site VPN connection.
- You need to create a Virtual Private Gateway and attach it to your VPC
Transit Gateway:
- A Transit Gateway is a Regional virtual router for traffic flowing between VPCs and VPN connections.
Customer Gateway device:
- This is a physical device or software application running on-premise in the Site-to-Site VPN connection.
- Needs a routable (static) IP address
- Supported customer gateway devices: Refer Here
Authentication Options
- Preshared keys
- Private certificate from AWS
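
The components above wired together as a CloudFormation template. This is an added example, not part of the original notes; the parameter names, logical IDs and the sample ASN are assumptions chosen for illustration.

```yaml
# Added example: Site-to-Site VPN using a virtual private gateway.
# Parameter names and logical IDs are hypothetical; values are supplied at deploy time.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  RouteTableId:
    Type: String          # route table of the subnets that must reach on-premise
  OnPremPublicIp:
    Type: String          # static, routable IP of the customer gateway device
  OnPremCidr:
    Type: String          # on-premise network range in CIDR notation
Resources:
  VirtualPrivateGateway:  # VPN connector on the AWS side
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1
  VgwAttachment:          # attach the virtual private gateway to the VPC
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref VirtualPrivateGateway
  CustomerGateway:        # AWS resource describing the on-premise device
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      IpAddress: !Ref OnPremPublicIp
      BgpAsn: 65000       # constructed sample value from the private ASN range
  VpnConnection:          # the VPN connection and its encrypted tunnels
    Type: AWS::EC2::VPNConnection
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref CustomerGateway
      VpnGatewayId: !Ref VirtualPrivateGateway
      StaticRoutesOnly: true
      # PreSharedKey is deliberately not set under VpnTunnelOptionsSpecifications:
      # AWS then generates the pre-shared keys and no secret lives in the template.
  OnPremRoute:            # static route for the on-premise network
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      VpnConnectionId: !Ref VpnConnection
      DestinationCidrBlock: !Ref OnPremCidr
  RoutePropagation:       # propagate VPN routes into the VPC route table
    Type: AWS::EC2::VPNGatewayRoutePropagation
    DependsOn: VgwAttachment
    Properties:
      RouteTableIds:
        - !Ref RouteTableId
      VpnGatewayId: !Ref VirtualPrivateGateway
```
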
AWS VPN CloudHub

AWS Direct Connect

Next Steps:
- In networking we need to understand
- LoadBalancers
- DNS
- Identity and Access Management (IAM)
