
I got started with AWS recently. I came across a use case which I believe is pretty common, but I was curious to understand how it will be implemented on AWS. We are collaborating with another organization who wants to have the database server in their AWS account, and we will be having the app server under our account. In order to connect to the database server, we have 2 options:

  • Connect to the DB server over the public IP
  • Create a VPN and connect to the DB server

We prefer the second option, so I went through the VPC peering documentation to connect via VPN and was able to re-configure my network to take care of some corner cases (like non-overlapping CIDRs, etc.). I have a question related to the privacy of systems within the VPC though.

Once the two systems are connected through VPC peering, will the two machines have unlimited access to each other implicitly or will there be some rules which will govern the privacy of machines within the VPC?

If the question is not clear, I will be happy to explain my concerns further. I apologize if this question is too trivial.

1 Answer


Once the two systems are connected through VPC peering, will the two machines have unlimited access to each other implicitly or will there be some rules which will govern the privacy of machines within the VPC?

This traffic is still subject to VPC network ACLs and Security Groups. Configure those properly and the other party will not have unfettered access to your entire VPC.

EEAA
  • Is it not better to go with a VPC private link, considering we expose an entire VPC and the EC2 instances it holds? I know it's 2021 now :) – Thalaivar May 16 '21 at 20:27
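To make the answer's point concrete, here is a small model of the checks a packet from the app server has to pass once it arrives in the database VPC over the peering connection: a return route, the subnet's network ACL in both directions (stateless, ordered, implicit deny), and the instance's security group (stateful allow-list). This is an added illustration, not code from the original answer or from AWS; every CIDR, address, rule number, port and the peering id `pcx-example` are constructed, and the evaluation is a simplified model of the documented semantics, not the AWS data plane.

```python
# Added example (not from the original answer): a model of how a packet from an
# app server in VPC A is evaluated on arrival in peered VPC B. All CIDRs,
# addresses, rule numbers and the peering id are constructed for illustration.
from __future__ import annotations
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Flow:
    src: str        # initiating host (app server)
    src_port: int   # ephemeral port the client picked
    dst: str        # database host
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    proto: str              # "tcp", "udp" or "-1" for any protocol
    from_port: int
    to_port: int
    cidr: str               # remote CIDR: source for ingress, destination for egress
    action: str = "allow"   # NACL rules may be "deny"; SG rules are always allow
    number: int = 0         # NACL evaluation order; unused for SG rules

    def matches(self, proto: str, port: int, remote: str) -> bool:
        if self.proto not in ("-1", proto):
            return False
        if not self.from_port <= port <= self.to_port:
            return False
        return ip_address(remote) in ip_network(self.cidr)


def sg_allows(ingress: list[Rule], flow: Flow) -> bool:
    """A security group is an allow-list: any matching rule admits the flow,
    nothing else does. It is stateful, so the DB's reply needs no extra rule."""
    return any(r.matches(flow.proto, flow.dst_port, flow.src) for r in ingress)


def nacl_allows(rules: list[Rule], proto: str, port: int, remote: str) -> bool:
    """A network ACL is evaluated in ascending rule number, first match wins,
    and the trailing '*' rule denies whatever is left. It is stateless."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.matches(proto, port, remote):
            return r.action == "allow"
    return False


def route_target(routes: dict[str, str], addr: str):
    """Longest-prefix match over a route table given as {cidr: target}."""
    best = None
    for cidr, target in routes.items():
        net = ip_network(cidr)
        if ip_address(addr) in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, target)
    return None if best is None else best[1]


def db_reachable(flow: Flow, db_routes, db_sg, nacl_in, nacl_out) -> tuple[bool, str]:
    """Checks a packet arriving over the peering link must pass in the DB VPC.
    The app VPC applies the mirror image (route to the DB CIDR via the peering
    connection, plus its own NACL and SG egress), omitted here for brevity."""
    if route_target(db_routes, flow.dst) != "local":
        return False, "destination is not in the DB VPC"
    if route_target(db_routes, flow.src) is None:
        return False, "no return route to the app VPC (peering route missing)"
    if not nacl_allows(nacl_in, flow.proto, flow.dst_port, flow.src):
        return False, "subnet NACL ingress denies the request"
    if not sg_allows(db_sg, flow):
        return False, "DB security group has no rule for this source/port"
    # NACLs are stateless: the SYN-ACK back to the client's ephemeral port
    # must be permitted explicitly by an egress rule.
    if not nacl_allows(nacl_out, flow.proto, flow.src_port, flow.src):
        return False, "subnet NACL egress blocks the reply to the ephemeral port"
    return True, "allowed"


# Constructed topology: app VPC 10.0.0.0/16 (app subnet 10.0.1.0/24),
# DB VPC 10.1.0.0/16, peered via "pcx-example".
APP_SUBNET = "10.0.1.0/24"
DB_ROUTES = {"10.1.0.0/16": "local", "10.0.0.0/16": "pcx-example"}

SG_EMPTY = []                                        # fresh SG: nothing admitted
SG_WIDE_OPEN = [Rule("-1", 0, 65535, "0.0.0.0/0")]   # the "unfettered access" case
SG_DB_ONLY = [Rule("tcp", 5432, 5432, APP_SUBNET)]   # Postgres from the app subnet only

NACL_ALLOW_ALL = [Rule("-1", 0, 65535, "0.0.0.0/0", number=100)]   # like the default NACL
NACL_IN = [Rule("tcp", 5432, 5432, APP_SUBNET, number=100)]
NACL_OUT = [Rule("tcp", 1024, 65535, APP_SUBNET, number=100)]      # replies to ephemeral ports

PG_FROM_APP = Flow("10.0.1.10", 49152, "10.1.2.20", 5432)
SSH_FROM_APP = Flow("10.0.1.10", 49153, "10.1.2.20", 22)
PG_FROM_OTHER = Flow("10.0.9.9", 49154, "10.1.2.20", 5432)   # another host in the peer VPC

if __name__ == "__main__":
    for label, sg in [("empty SG", SG_EMPTY), ("wide-open SG", SG_WIDE_OPEN), ("DB-only SG", SG_DB_ONLY)]:
        for flow in (PG_FROM_APP, SSH_FROM_APP, PG_FROM_OTHER):
            print(label, flow.src, flow.dst_port, db_reachable(flow, DB_ROUTES, sg, NACL_IN, NACL_OUT))
```

Running it shows the three outcomes the answer alludes to: with the default (empty) security group nothing in the peer VPC reaches the database even though the route exists; with a `0.0.0.0/0` all-traffic rule every host in the peer VPC reaches every port; with a rule scoped to the app subnet and the database port, only that traffic passes. The NACL egress check is the usual peering pitfall: a restrictive NACL that forgets the ephemeral-port reply rule silently breaks connections that the security group already allows.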