Arbab Nazar

Reputation: 23801

Controlling Access subnets from AWS VPN connection

By default, when you use the VPN connection provided by AWS using a Customer Gateway and VPG, it gives access to all of your VPC. How can we control this access or limit it to only a single subnet?

Upvotes: 0

Views: 90

Answers (2)

David Webster

Reputation: 2321

Terminate your VPN connection on a TGW which then can have individual routes to separate VPCs.

TGW routes

Upvotes: 0

chris

Reputation: 37470

When you create a VPN connection, you have the choice between static and BGP. Further, if you choose to use BGP, you propagate the advertised routes into the VPC.

But even if you're using BGP, you can choose not to propagate the routes, and manually manage the routes in the VPC.

So you can create a route per subnet, and if you want a subnet to have access to the servers on the other side of the VPN, you can add the appropriate routes to that route table.

Upvotes: 0
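A check for the per-subnet routing described in the answer above, as an added example that is not part of either answer: it reads route tables in the JSON shape returned by `aws ec2 describe-route-tables` and reports which subnets still have a path to the virtual private gateway, including subnets that silently inherit the main route table. The function name `audit_vpn_routes` and all IDs and CIDRs are constructed for illustration.

```python
# Added example. All IDs and CIDRs below are constructed sample data.
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "PropagatingVgws": [{"GatewayId": "vgw-example"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "vgw-example",
          "Origin": "EnableVgwRoutePropagation", "State": "active"}]},
    {"RouteTableId": "rtb-app", "Associations": [{"Main": False, "SubnetId": "subnet-app"}],
     "PropagatingVgws": [],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "192.168.10.0/24", "GatewayId": "vgw-example",
          "Origin": "CreateRoute", "State": "active"}]},
    {"RouteTableId": "rtb-db", "Associations": [{"Main": False, "SubnetId": "subnet-db"}],
     "PropagatingVgws": [],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
]
SAMPLE_SUBNETS = ["subnet-app", "subnet-db", "subnet-misc"]  # subnet-misc: no explicit association


def audit_vpn_routes(route_tables, subnet_ids, allowed):
    """Return (reachable, violations): subnets routed to a VGW, and those not in `allowed`."""
    explicit, main = {}, None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main = rt
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt
    reachable, violations = {}, {}
    for subnet in subnet_ids:
        rt = explicit.get(subnet, main)  # unassociated subnets use the main table
        if rt is None:
            continue
        cidrs = sorted(r["DestinationCidrBlock"] for r in rt.get("Routes", [])
                       if r.get("GatewayId", "").startswith("vgw-")
                       and "DestinationCidrBlock" in r)
        propagating = bool(rt.get("PropagatingVgws"))
        if cidrs:
            reachable[subnet] = cidrs
        if subnet not in allowed and (cidrs or propagating):
            reason = "propagation enabled" if propagating else "static VGW route"
            violations[subnet] = f"{rt['RouteTableId']}: {reason}"
    return reachable, violations


if __name__ == "__main__":
    print(audit_vpn_routes(SAMPLE_ROUTE_TABLES, SAMPLE_SUBNETS, allowed={"subnet-app"}))
```

In the sample data, `subnet-misc` is flagged because it falls back to the main route table, which still has propagation turned on.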
