I have a couple of AWS instances in different AWS regions which need to talk to each other. However, in an enterprise network, I am not supposed to open ports for communication. Is there a way to achieve this?
You can set up VPN connections between your VPCs to communicate with each other.
- @John, Ashan Since AWS doesn't allow a VPC to span regions, will this not require configuring inbound/outbound rules in the security group? – msingh Aug 15 '17 at 15:09
- A VPC cannot span regions, but you can set up a VPN connection from one VPC to another across regions, provided the CIDR blocks do not overlap. – Ashan Aug 15 '17 at 15:50
- See: [VPC Connectivity Options whitepaper](https://media.amazonwebservices.com/AWS_Amazon_VPC_Connectivity_Options.pdf). You would need two software VPNs in each region. The instance running the VPNs would need Internet access, although inbound access is not actually required because both will make outbound connections to each other (it's complicated). Alternatively, do the VPCs connect to your back-end corporate network? If so, they could communicate that way. – John Rotenstein Aug 15 '17 at 20:19
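The comments above hinge on one precondition for a VPC-to-VPC VPN: the two VPCs' CIDR blocks must not overlap, otherwise the route that sends "remote VPC" traffic into the tunnel collides with the local block. The following is an added example, not code from the question or the answerers: a small planning check that takes each VPC's CIDR list (VPCs may carry more than one block), refuses any overlap, and emits the route-table entries each side needs. The VPC names, CIDRs and the `vpn_eni` route targets are constructed sample values, and the dict layout is an assumption made here for illustration, not an AWS API shape.

```python
import ipaddress
from typing import Dict, List, Tuple

# Constructed sample VPCs (not from the original post). "vpn_eni" is an
# assumed placeholder for the network interface of the software VPN
# endpoint in that VPC, i.e. the target of the route for the remote CIDRs.
VPC_US_EAST = {"name": "vpc-us-east-1", "cidrs": ["10.0.0.0/16"], "vpn_eni": "eni-aaaa0001"}
VPC_EU_WEST = {"name": "vpc-eu-west-1", "cidrs": ["10.1.0.0/16", "10.2.0.0/16"], "vpn_eni": "eni-bbbb0002"}
# A deliberately clashing VPC: 10.0.128.0/17 sits inside 10.0.0.0/16.
VPC_CLASH = {"name": "vpc-clash", "cidrs": ["10.0.128.0/17"], "vpn_eni": "eni-cccc0003"}


def overlapping_pairs(cidrs_a: List[str], cidrs_b: List[str]) -> List[Tuple[str, str]]:
    """Return every (a, b) pair of blocks from the two lists that overlaps.

    strict=True makes ipaddress reject a block with host bits set
    (e.g. "10.0.1.5/24"), which is almost always a typo in a VPC definition.
    """
    nets_a = [ipaddress.ip_network(c, strict=True) for c in cidrs_a]
    nets_b = [ipaddress.ip_network(c, strict=True) for c in cidrs_b]
    return [(str(a), str(b)) for a in nets_a for b in nets_b if a.overlaps(b)]


def plan_vpn_routes(vpc_a: Dict, vpc_b: Dict) -> List[Tuple[str, str, str]]:
    """Produce the route-table entries each VPC needs so that traffic destined
    for the remote VPC's CIDR blocks is handed to the local VPN endpoint.

    Returns (vpc_name, destination_cidr, route_target) tuples.  Raises
    ValueError if any block overlaps, because a route for the remote block
    would then shadow, or be shadowed by, the VPC's own local route.
    """
    clashes = overlapping_pairs(vpc_a["cidrs"], vpc_b["cidrs"])
    if clashes:
        raise ValueError(f"overlapping CIDR blocks between "
                         f"{vpc_a['name']} and {vpc_b['name']}: {clashes}")
    routes: List[Tuple[str, str, str]] = []
    for dest in vpc_b["cidrs"]:
        routes.append((vpc_a["name"], dest, vpc_a["vpn_eni"]))
    for dest in vpc_a["cidrs"]:
        routes.append((vpc_b["name"], dest, vpc_b["vpn_eni"]))
    return routes


if __name__ == "__main__":
    for vpc_name, dest, target in plan_vpn_routes(VPC_US_EAST, VPC_EU_WEST):
        print(f"{vpc_name}: {dest} -> {target}")
    try:
        plan_vpn_routes(VPC_US_EAST, VPC_CLASH)
    except ValueError as exc:
        print(f"refused: {exc}")
```

Run the overlap check before building anything: once two VPCs with clashing blocks exist, the only fix is re-addressing one of them, which is far more painful than choosing disjoint ranges up front.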