aws-cdk-examples

CDK Sample: Securely Access VPN exposed services with AWS PrivateLink

Open Dringho opened this issue 2 years ago • 0 comments

Describe the feature

A secure way to integrate with service providers that require communication going through IPSEC-VPN connectivity, which is the case of many regulators in LATAM. The solution involves using PrivateLink to decouple the network-related association with the provider. This schema can also be reversed to be used to expose services through VPN securely.

Use Case

(Based on Enterprise Customer need)

  • Joining through VPN Networking with a provider that may have a CIDR collision can be challenging and require many workarounds to make it happen.
  • Joining through VPN Networking with another entity leads to an increased security perimeter if done in the same network that you normally operate, and it's hard to control that only allowed traffic is permitted.

Proposed Solution

[Architecture diagram: SbPay Provider VPN PrivateLink]

This sample uses three stacks: one to simulate the external producer (which uses Openswan to connect to AWS-VPN), one to implement the Transit account, and a last one for the Consumer of the service.

Other Information

No response

Acknowledgements

  • [X] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

Language

Python

Dringho, Jan 04 '23 12:01
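The CIDR-collision point in the use case, as an added example that is not part of the issue or of the aws-cdk-examples project: it models which networks share a routing domain and shows that terminating the VPN in a transit VPC and reaching it over PrivateLink removes the overlap constraint from the consumer. The CIDR values and the names `VPCS`, `routed_groups` and `collisions` are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed sample topology (assumption, not from the issue); CIDRs are made up.
VPCS = {
    "provider": "10.0.0.0/16",   # external producer behind the IPsec VPN
    "transit": "100.64.0.0/24",  # transit account that terminates the VPN
    "consumer": "10.0.0.0/16",   # consumer VPC, deliberately colliding with the provider
}

def routed_groups(links):
    """Group networks that share a routing domain. Only 'vpn' links route
    packets between CIDRs; 'privatelink' exposes one endpoint and routes nothing."""
    parent = {name: name for name in VPCS}

    def find(n):
        while parent[n] != n:
            n = parent[n]
        return n

    for a, b, kind in links:
        if kind == "vpn":
            parent[find(a)] = find(b)
    groups = {}
    for name in VPCS:
        groups.setdefault(find(name), set()).add(name)
    return list(groups.values())

def collisions(links):
    """Return sorted pairs of networks that are routed together and overlap."""
    found = []
    for group in routed_groups(links):
        for a, b in combinations(sorted(group), 2):
            net_a = ipaddress.ip_network(VPCS[a])
            net_b = ipaddress.ip_network(VPCS[b])
            if net_a.overlaps(net_b):
                found.append((a, b))
    return sorted(found)

# Direct design: the consumer VPC itself joins the provider over VPN.
DIRECT = [("provider", "consumer", "vpn")]
# Proposed design: VPN ends in the transit VPC; consumer reaches it via PrivateLink.
DECOUPLED = [("provider", "transit", "vpn"), ("transit", "consumer", "privatelink")]

if __name__ == "__main__":
    print("direct:", collisions(DIRECT))
    print("decoupled:", collisions(DECOUPLED))
```

Only the transit VPC's CIDR has to be chosen to avoid the provider's range; the consumer VPC stays outside the VPN routing domain.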