Access VPC Opensearch from Internet | Without nginx proxy | required AWS managed Service based solution

0

I am looking for a aws managed solution to redirect internet users to VPC based opensearch kibana dashboard.

I have tried with App. Loadbalancer & IP based target group pointed to Opensearch ENI's private ip. And used Lambda & Cloudwatch event to keep monitor on ip change and update the target group ip's. It worked.

However, Is there any other solution available in AWS which is highly available and redirect internet users to Opensearch kibana endpoint.

3回答
0

Can't it be OpenSearch set up for public access?

profile picture
エキスパート
回答済み 1年前
  • no as per compliance it has to be inside vpc. but some users via internet they need access to kibana dashboard. the internet users wont use vpn's.

  • What about using a Systems Manager Session Manager proxy to access EC2 as a stepping stone?
    https://repost.aws/knowledge-center/systems-manager-ssh-vpc-resources
    Using this configuration, you can access OpenSearch in the VPC from the EC2 on the trestle.

0

For internet user to access VPC based opensearch we did the following

  1. created alb in public subnet
  2. create r53 cname mapping with alb
  3. Create target group with IP based
  4. using event bridge (createNetworkInterface & DeleteNetworkInterface) & lambda(python) we were able to query the ENI's and update the IP's in Target group.

With the above approach internet users able to access the vpc based opensearch

回答済み 10ヶ月前
0

Can you elaborate your solution here? were you able to automate this approach? specifically the Listeners and rules that need to be setup, what health checks need to setup in TG?

hari
回答済み 17日前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ