1 Answer
What would be the benefit of using a CDN here? The Client VPN terminates inside a VPC. So your traffic would be Client -> Client VPN into VPC -> NAT Gateway in VPC -> out to CloudFront PoP -> into your load balancer or S3 bucket in region. This makes an extra jump from region to CloudFront PoP that adds latency to your connection.
In this case, if you want to restrict a service to work just with the Client VPN, make them connect to your service directly inside the private address space, for example by creating a private ELB and allowing access to it from the Client VPN.
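An added example, not part of the answer above: a Python check that a load balancer is internal and that its security groups admit traffic only from the Client VPN. The input dictionaries are shaped like the output of `describe-load-balancers` and `describe-security-groups`; the function name, the IDs and the sample data are constructed, and which security group or source CIDRs belong to the Client VPN is an assumption supplied by the operator.

```python
import ipaddress

def audit_vpn_only_elb(lb, security_groups, vpn_sg_id, vpn_source_cidrs=()):
    """Return findings; an empty list means only Client VPN traffic can reach the ELB."""
    findings = []
    name = lb.get("LoadBalancerName", "<unnamed>")
    if lb.get("Scheme") != "internal":
        findings.append(f"{name}: scheme is {lb.get('Scheme')!r}, expected 'internal'")
    # Assumption: the operator lists the CIDRs VPN traffic is expected to arrive from.
    allowed = [ipaddress.ip_network(c) for c in vpn_source_cidrs]
    by_id = {sg["GroupId"]: sg for sg in security_groups}
    for sg_id in lb.get("SecurityGroups", []):
        sg = by_id.get(sg_id)
        if sg is None:
            findings.append(f"{sg_id}: rules not supplied, cannot verify")
            continue
        for perm in sg.get("IpPermissions", []):
            for pair in perm.get("UserIdGroupPairs", []):
                if pair.get("GroupId") != vpn_sg_id:
                    findings.append(f"{sg_id}: ingress from other group {pair.get('GroupId')}")
            for rng in perm.get("IpRanges", []):
                net = ipaddress.ip_network(rng["CidrIp"])
                if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
                    findings.append(f"{sg_id}: ingress from {net} is outside the VPN ranges")
            for rng in perm.get("Ipv6Ranges", []):
                findings.append(f"{sg_id}: IPv6 ingress from {rng['CidrIpv6']} not expected")
            for pl in perm.get("PrefixListIds", []):
                findings.append(f"{sg_id}: ingress from prefix list {pl['PrefixListId']}")
    return findings

# Constructed sample data (placeholder IDs, not from the page).
GROUPS = [
    {"GroupId": "sg-alb-private", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "UserIdGroupPairs": [{"GroupId": "sg-clientvpn"}], "IpRanges": []}]},
    {"GroupId": "sg-alb-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "UserIdGroupPairs": [], "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
PRIVATE_LB = {"LoadBalancerName": "internal-app", "Scheme": "internal",
              "SecurityGroups": ["sg-alb-private"]}
PUBLIC_LB = {"LoadBalancerName": "public-app", "Scheme": "internet-facing",
             "SecurityGroups": ["sg-alb-open"]}

if __name__ == "__main__":
    for lb in (PRIVATE_LB, PUBLIC_LB):
        print(lb["LoadBalancerName"], audit_vpn_only_elb(lb, GROUPS, "sg-clientvpn") or "OK")
```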
Here are a couple of situations where it makes sense to use CloudFront over your Client VPN:
CloudFront is no longer simply a cache. It is a complex solution that allows you to do work at the edge globally, but it also lets you manipulate data in complex ways and provide a single pane of glass over lots of functions. It should support VPCs just like edge-optimized API Gateway endpoints do.