AWS Site-to-Site VPN Connection

When I was working with one of our clients, we had a task to migrate an application from Azure cloud to AWS. Migrating the application itself came later; first, we needed a secure, encrypted connection between the two clouds so that the migration traffic would be protected in transit. For this, we chose an AWS Site-to-Site VPN connection.
In this blog, I will guide you through how we connected Azure cloud to AWS cloud using an AWS Site-to-Site VPN connection.

Why did we use a Site-to-Site VPN connection?

AWS Site-to-Site VPN is a service offered by Amazon for securely connecting an external network to our AWS cloud. It creates a secure, encrypted connection between our Azure infrastructure and our AWS infrastructure. AWS Site-to-Site VPN uses IPsec (Internet Protocol Security), which provides secure and private communication between our on-premises network and our VPC.

Features of Site-to-Site VPN Connection

Secure and Encrypted Communication:- It establishes a secure, encrypted connection between our clouds, ensuring that data transmitted between the two networks is protected from unauthorized access.

Hybrid Cloud Connectivity:- AWS Site-to-Site VPN enables hybrid cloud architectures by connecting your on-premises data center or office network with your AWS VPC.

Flexible and Scalable:- AWS Site-to-Site VPN is highly flexible and scalable. We can connect many sites and networks by establishing several VPN connections to various VPCs or AWS regions.

Steps to set up an AWS Site-to-Site VPN connection between Azure and AWS

Step 1: Create a Virtual Network Gateway in your Azure account.

Step 2: Now go to your AWS account and create a Customer Gateway.

In the IP Address field, use the public IP of the Virtual Network Gateway created in step 1.

Step 3: After creating the Customer Gateway, we need to create a Virtual Private Gateway in AWS.

Step 4: After creating the Virtual Private Gateway, we need to attach it to our VPC. Select the Virtual Private Gateway you created.

Go to Actions and click Attach to VPC.

Select your VPC and click Attach to VPC.

Your Virtual Private Gateway is now attached to the VPC.

Step 5: Create the Site-to-Site VPN connection in AWS.

In the Static IP prefixes field, enter the subnet CIDR of the Azure account.

Step 6: After creating the Site-to-Site VPN connection, we need to download the configuration file. Click Download configuration.

Select Generic for both Vendor and Platform and click Download.

Step 7: Now go to your Azure account and create a Local Network Gateway.

In the IP Address field, use the Virtual Private Gateway IP from the configuration file downloaded in step 6, and in the Address Space(s) field, use the AWS VPC ID.

Step 8: Now go to the Virtual Network Gateway you created in step 1 and click Add connection.

Use the shared key found in the configuration file downloaded in step 6.

Step 9: After the connection is established, go to your AWS account, select the VPN connection you created and view the tunnel details. There you will see that Tunnel 1 is up.

Step 10: Now we need to add the Virtual Private Gateway to the route table.

Select your Route Table, click Routes and then Edit routes.

Add the subnet CIDR of Azure as the destination and select the Virtual Private Gateway as the Target.

Step 11: Your connection between AWS and Azure is now established. You can create instances in both accounts and test the connectivity between them.
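The same eleven steps expressed as infrastructure-as-code, as an added example that is not part of the original blog and not OpsTree's own code. It assumes the Azure Virtual Network Gateway from step 1 already exists (its resource ID and public IP are passed in as variables) and that the AWS VPC and route table already exist; every ID, CIDR and address below is a hypothetical placeholder. The values the blog has you copy out of the downloaded configuration file (tunnel outside IP and pre-shared key) are read directly from the `aws_vpn_connection` resource instead. Note that the Terraform `address_space` argument of the Azure local network gateway takes a list of CIDR prefixes, so the example passes the VPC's CIDR there.

```hcl
# Added example (not from the blog): both halves of the Azure <-> AWS
# Site-to-Site VPN as Terraform. All IDs, CIDRs and addresses are
# hypothetical placeholders; replace them with your own values.

terraform {
  required_providers {
    aws     = { source = "hashicorp/aws" }
    azurerm = { source = "hashicorp/azurerm" }
  }
}

provider "aws" {
  region = "us-east-1"   # assumed region
}

provider "azurerm" {
  features {}
}

# --- Assumed inputs (placeholders) -----------------------------------------
variable "azure_vnet_gateway_id"        { default = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-vpn/providers/Microsoft.Network/virtualNetworkGateways/vng-azure" } # step 1, already created
variable "azure_vnet_gateway_public_ip" { default = "203.0.113.10" }  # public IP of the step-1 gateway
variable "azure_vnet_cidr"              { default = "10.1.0.0/16" }   # Azure subnet CIDR (steps 5 and 10)
variable "azure_resource_group"         { default = "rg-vpn" }
variable "azure_location"               { default = "eastus" }
variable "aws_vpc_id"                   { default = "vpc-0123456789abcdef0" }
variable "aws_vpc_cidr"                 { default = "10.0.0.0/16" }   # what Azure must route towards AWS
variable "aws_route_table_id"           { default = "rtb-0123456789abcdef0" } # route table edited in step 10

# --- AWS side (steps 2 to 6 and 10) ----------------------------------------

# Step 2: Customer Gateway pointing at the Azure VPN gateway's public IP.
resource "aws_customer_gateway" "azure" {
  bgp_asn    = 65000   # required by the API even though we use static routing
  ip_address = var.azure_vnet_gateway_public_ip
  type       = "ipsec.1"
}

# Steps 3 and 4: Virtual Private Gateway, attached to the VPC on creation.
resource "aws_vpn_gateway" "vgw" {
  vpc_id = var.aws_vpc_id
}

# Step 5: the Site-to-Site VPN connection, static routing only (no BGP).
resource "aws_vpn_connection" "to_azure" {
  customer_gateway_id = aws_customer_gateway.azure.id
  vpn_gateway_id      = aws_vpn_gateway.vgw.id
  type                = "ipsec.1"
  static_routes_only  = true
}

# Step 5: "Static IP prefixes" = the Azure CIDR reachable through the tunnel.
resource "aws_vpn_connection_route" "azure_cidr" {
  destination_cidr_block = var.azure_vnet_cidr
  vpn_connection_id      = aws_vpn_connection.to_azure.id
}

# Step 10: send traffic for the Azure CIDR to the Virtual Private Gateway.
resource "aws_route" "to_azure" {
  route_table_id         = var.aws_route_table_id
  destination_cidr_block = var.azure_vnet_cidr
  gateway_id             = aws_vpn_gateway.vgw.id
}

# --- Azure side (steps 7 and 8) --------------------------------------------

# Step 7: Local Network Gateway describing the AWS end. The tunnel's outside
# IP comes straight from the connection resource (step 6's config file).
resource "azurerm_local_network_gateway" "aws" {
  name                = "lng-aws"
  location            = var.azure_location
  resource_group_name = var.azure_resource_group
  gateway_address     = aws_vpn_connection.to_azure.tunnel1_address
  address_space       = [var.aws_vpc_cidr]   # CIDR list, the prefix Azure routes to AWS
}

# Step 8: the connection on the existing Virtual Network Gateway, using the
# pre-shared key AWS generated for tunnel 1 (step 6's config file).
resource "azurerm_virtual_network_gateway_connection" "to_aws" {
  name                       = "cn-aws"
  location                   = var.azure_location
  resource_group_name        = var.azure_resource_group
  type                       = "IPsec"
  virtual_network_gateway_id = var.azure_vnet_gateway_id
  local_network_gateway_id   = azurerm_local_network_gateway.aws.id
  shared_key                 = aws_vpn_connection.to_azure.tunnel1_preshared_key
}

output "tunnel1_outside_ip" {
  value = aws_vpn_connection.to_azure.tunnel1_address
}
```

After `terraform apply`, step 9's check can be done from the CLI with `aws ec2 describe-vpn-connections --query 'VpnConnections[].VgwTelemetry[].Status'`, which reports UP or DOWN per tunnel; only tunnel 1 is wired up here, matching what the blog observes. Because `tunnel1_preshared_key` is written to Terraform state, the state backend needs the same access controls you would give the downloaded configuration file.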

Conclusion

In this blog, we have learned that an AWS Site-to-Site VPN connection is used to establish secure, encrypted connections between our clouds. We have also discussed why we used an AWS Site-to-Site VPN connection and described its features. Finally, we have set up an AWS Site-to-Site VPN connection between Azure and AWS.

Blog Pundits:  Shweta Tyagi and Sandeep Rawat

OpsTree is an End-to-End DevOps Solution Provider.
