Connections between On-Premise and AWS
- Connections between on-premise and AWS can be made by using
- Direct Connect:
- AWS provides the following VPN connections
- AWS Site-to-Site VPN
- AWS Client VPN
- AWS VPN CloudHub
- Third-party software VPN appliance
AWS Site-to-Site VPN
Basic Components of Site-to-Site VPN
- Virtual Private Gateway
- Transit Gateway
- Customer Gateway device
- Customer gateway
- VPN Connection: A secure connection between on-premise devices and your VPC
- VPN tunnel: An encrypted link where the data can pass from the customer network to AWS.
- Customer gateway: An AWS resource which provides information about the customer gateway device, which is located on-premise
Virtual Private Gateway:
- It is the VPN connector on the AWS side of the Site-to-Site VPN connection.
- You need to create a Virtual Private Gateway and attach it to your VPC
- A Transit Gateway is a Regional virtual router for traffic flowing between VPCs and VPN connections.
Customer Gateway device:
- This is a physical device or software application running on-premise in the Site-to-Site VPN connection.
- Needs a routable IP address (static)
- Supported customer gateway devices: Refer Here
- Preshared keys
- Private certificate from AWS
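The Site-to-Site VPN components above wired together as a CloudFormation template. This is an added example, not part of the original notes; it uses the pre-shared key option, and the address 203.0.113.10, ASN 65000 and range 10.20.0.0/16 are constructed placeholder values.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Site-to-Site VPN components (added example, constructed values)

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id          # existing VPC to attach the gateway to
  CustomerGatewayIp:
    Type: String
    Default: 203.0.113.10            # constructed; static routable IP of the on-premise device
  OnPremCidr:
    Type: String
    Default: 10.20.0.0/16            # constructed on-premise address range
  TunnelPreSharedKey:
    Type: String
    NoEcho: true                     # keep the key out of console and API output
    MinLength: 8
    MaxLength: 64

Resources:
  VirtualPrivateGateway:             # AWS side of the connection
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1
  GatewayAttachment:                 # attach the virtual private gateway to the VPC
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref VirtualPrivateGateway
  CustomerGateway:                   # AWS resource describing the on-premise device
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      BgpAsn: 65000
      IpAddress: !Ref CustomerGatewayIp
  VpnConnection:                     # joins the customer gateway and the virtual private gateway
    Type: AWS::EC2::VPNConnection
    DependsOn: GatewayAttachment
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref CustomerGateway
      VpnGatewayId: !Ref VirtualPrivateGateway
      StaticRoutesOnly: true
      VpnTunnelOptionsSpecifications:
        - PreSharedKey: !Ref TunnelPreSharedKey   # options for one tunnel
  OnPremRoute:                       # static route to the on-premise network
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      VpnConnectionId: !Ref VpnConnection
      DestinationCidrBlock: !Ref OnPremCidr
```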
AWS VPN CloudHub
AWS Direct Connect
- In networking we need to understand
- Identity and Access Management (IAM)