Access VPC Opensearch from Internet | Without nginx proxy | required AWS managed Service based solution

0

I am looking for a aws managed solution to redirect internet users to VPC based opensearch kibana dashboard.

I have tried with App. Loadbalancer & IP based target group pointed to Opensearch ENI's private ip. And used Lambda & Cloudwatch event to keep monitor on ip change and update the target group ip's. It worked.

However, Is there any other solution available in AWS which is highly available and redirect internet users to Opensearch kibana endpoint.

3개 답변
0

Can't it be OpenSearch set up for public access?

profile picture
전문가
답변함 일 년 전
  • no as per compliance it has to be inside vpc. but some users via internet they need access to kibana dashboard. the internet users wont use vpn's.

  • What about using a Systems Manager Session Manager proxy to access EC2 as a stepping stone?
    https://repost.aws/knowledge-center/systems-manager-ssh-vpc-resources
    Using this configuration, you can access OpenSearch in the VPC from the EC2 on the trestle.

0

For internet user to access VPC based opensearch we did the following

  1. created alb in public subnet
  2. create r53 cname mapping with alb
  3. Create target group with IP based
  4. using event bridge (createNetworkInterface & DeleteNetworkInterface) & lambda(python) we were able to query the ENI's and update the IP's in Target group.

With the above approach internet users able to access the vpc based opensearch

답변함 10달 전
0

Can you elaborate your solution here? were you able to automate this approach? specifically the Listeners and rules that need to be setup, what health checks need to setup in TG?

hari
답변함 17일 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인