I am trying to understand on how i can connect requests coming from Internet to AWS Opensearch(v 1.2) cluster behind a VPC. I was looking at the options for SSHT, VPN Connectivity and Reverse Proxy where we are kind of more inclined towards the Reverse Proxy approach via NGINX.
As per my understanding if we go with reverse proxy approach, creating the EC2 instances, deploying NGINX Proxy on it would require a lot of effort to manage the setup in terms of Patching, creating the certificates and remediating the vulnerabilities in the future.
What other best options do i have to make this connectivity possible with any other AWS managed service in front of the AWS OS. Something like below:
Internet --> AWS (NLB/ALB ?) --> AWS Opensearch (VPC Endpoint)
P.S I will be considering the different security aspects in terms of enabling the security groups and allowing only a specific CIDR range for our solution to prevent the Internet traffic from sending multiple requests. Also i am not sure if ALB/NLB is the right approach but just wanted to put it so that we can get some idea in case there is some other approach to consider.
