Base Question
I have an Application Load Balancer that needs to be able to forward a subset of requests out of AWS to a public IP hosted elsewhere. The research I've done has pointed me towards needing to create a VPN to do this. Is this really needed to route to an external IP? What do I connect the VPN to? Is a VPN the right solution, or is there an alternative solution that I'm overlooking?
Details
I support a few different products and due to differences in technology and product age, some need to be hosted outside of AWS. However, there are integration points between products that are inside AWS and outside AWS, and we want users in the latest generation of the newest products to have a streamlined solution where it all fits under the umbrella of one root URL with product specific subdirectories, as in https://cust.somewhere.com/product where product could be one of four options.
Our DNS is hosted in AWS and points at our ALB, where we have rules based on the subdirectory to direct 2 of the product options on to EC2 instances hosted in AWS, while the other 2 product options need to get sent back out of AWS to another hosting provider. Because this routing is based on the subdirectory, DNS isn't helpful as far as I know, and I have to do it from the ALB.
These non-AWS products already are externally accessible on another domain. So, to me I just need to target the public IP used by that other domain's DNS. That other system is already configured and tested ad-hoc to be able to route the domain coming from AWS. But in order to get things routed for real from AWS to an IP outside of my VPC, I have to setup a VPN. Is that valid, or is there a better way?
AWS 공식업데이트됨 2년 전
Is a VPN the right solution then, or am I overlooking some other networking magic or target type?
Targets can be located outside the load balancer’s VPC (this includes Peered VPC, and on-premises targets reachable over Direct Connect or VPN).