AWS direct connect: Route from VPC Lambda to on-prem server


Using AWS Direct Connect, is it possible to:

  1. Make requests FROM AWS (let's say EC2) into my on-premises datacenter? Docs I've read only seem to explicitly state Direct Connect allows you to establish connections FROM your datacenter TO AWS (not the other way around).
  2. If the answer to question 1 is yes, is it possible to make a connection FROM a Lambda running in a VPC TO my datacenter? I want to execute puppeteer inside Lambda against a web application running on a server in the datacenter.

I know just enough about networking to be dangerous, but I'm by no means an expert. Answering in a way that a non-network admin can understand would be appreciated.

3

There are 3 answers

0
Matt D (BEST ANSWER)

The short answer: yes and yes

I'm assuming that you won't be setting it up yourself; that should be done by a network admin. I'm also assuming they have set up the interfaces, router configuration, firewalls, NACLs, routing tables, etc.

You only need to do the following for a specific use case within your AWS account:

  • Make the Lambda Function VPC Connected
  • Add a Security Group that allows access to the CIDR of your Web Service

You can then talk to the on-premises servers as if on your own network.
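The two steps above, plus the routing the answer assumes the network admin has done, written out as a Terraform example added here (it is not code from any of the answers). It assumes a virtual private gateway already attached to the Direct Connect private VIF, a private subnet route table for the Lambda, and a constructed on-prem CIDR of 10.50.0.0/16 serving the web app on TCP 443; all IDs are placeholders supplied as variables.

```hcl
variable "vpc_id"             { type = string }
variable "private_subnet_ids" { type = list(string) } # subnets whose route table reaches on-prem
variable "route_table_id"     { type = string }
variable "vgw_id"             { type = string }       # VGW attached to the Direct Connect private VIF
variable "onprem_cidr"        { default = "10.50.0.0/16" } # constructed placeholder for the on-prem range

# 1. Routing: propagate the on-prem prefixes the VGW learns over BGP into the
#    Lambda subnets' route table, so packets for onprem_cidr leave via Direct Connect.
resource "aws_vpn_gateway_route_propagation" "onprem" {
  vpn_gateway_id = var.vgw_id
  route_table_id = var.route_table_id
}
# 2. Security group: Lambda only needs egress; security groups are stateful, so
#    replies are allowed automatically. Scope it to the on-prem CIDR and port.
resource "aws_security_group" "lambda_to_onprem" {
  name   = "lambda-to-onprem-web"
  vpc_id = var.vpc_id
  egress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [var.onprem_cidr]
  }
}
# 3. Execution role: VPC-connected functions need permission to manage their ENIs.
resource "aws_iam_role" "lambda" {
  name = "puppeteer-onprem-role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Action    = "sts:AssumeRole"
      Principal = { Service = "lambda.amazonaws.com" }
    }]
  })
}
resource "aws_iam_role_policy_attachment" "vpc_access" {
  role       = aws_iam_role.lambda.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
}
# 4. The function itself, placed in the routed subnets with the scoped security group.
resource "aws_lambda_function" "puppeteer" {
  function_name = "puppeteer-onprem"
  role          = aws_iam_role.lambda.arn
  filename      = "puppeteer.zip"   # placeholder deployment package
  handler       = "index.handler"
  runtime       = "nodejs18.x"
  vpc_config {
    subnet_ids         = var.private_subnet_ids
    security_group_ids = [aws_security_group.lambda_to_onprem.id]
  }
}
```

If the subnet also has a network ACL, remember that NACLs are stateless: the outbound rule to the on-prem CIDR on 443 needs a matching inbound rule for the ephemeral return ports, and the on-prem firewall needs the mirror-image rule for the Lambda subnet CIDRs.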

1
Jerry Hoerig

Yes, you can. It requires the proper firewall rules in your datacenter to allow the traffic, and you will still need to make sure your security groups/NACLs allow the traffic to flow properly. Lastly, you need the routing for the subnets to know where to send traffic.

0
jestadi

Yes, once the Direct Connect connection is established between AWS and on-prem, they seem to be logically connected, but the real traffic flow happens only when there are proper routing settings like firewalls/NACLs/security groups etc. on both the AWS and on-prem side (*usually organisations do prefer a firewall on-prem before they send traffic to AWS, so double check with the networking team*). If you have one, then for anything that has a rule on IP address and port, make sure that the rule is fair enough to satisfy your communication needs, like one-way or both-ways.