AWS Quick Notes — AWS PrivateLink
This service can be used when you need to expose a service to multiple VPCs other than the one it is hosted in.
AWS PrivateLink simplifies the setup and eliminates the need for VPC peering connections or routes from one VPC to another to expose this service: only the load-balanced service is reachable, not the address space of the VPC that hosts it.
- Set up a Network Load Balancer in the VPC that hosts the service to be exposed. Connect the application service to the Network Load Balancer as its target.
- AWS PrivateLink is then set up as an endpoint service and connected to the Network Load Balancer.
- Set up an Elastic Network Interface (ENI) in the VPC that needs to access the exposed service. Connect the consuming application to the ENI.
- Connect the ENI in the consuming VPC to the AWS PrivateLink setup in the service VPC.
- Now the application has access to the exposed service from the other VPC.
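The five steps above, written out as an added Terraform example (not part of the original notes, and not AWS-provided code). It assumes the provider and consumer VPCs are in the same account, that the service listens on TCP/443, and that the variable values (VPC, subnet and security-group IDs) are supplied by you; the account ID in allowed_principals is a placeholder.

```hcl
# Added example (not from the original notes): provider-side NLB + endpoint
# service, consumer-side interface endpoint. Assumed inputs: the variables
# below and the placeholder account ID 111122223333.

variable "provider_vpc_id"     { type = string }
variable "provider_subnet_ids" { type = list(string) }
variable "consumer_vpc_id"     { type = string }
variable "consumer_subnet_ids" { type = list(string) }
variable "consumer_app_sg_id"  { type = string } # SG of the consuming application

# Step 1: internal NLB in the service VPC, fronting the application on TCP/443.
resource "aws_lb" "service" {
  name               = "exposed-service-nlb"
  internal           = true
  load_balancer_type = "network"
  subnets            = var.provider_subnet_ids
}

resource "aws_lb_target_group" "service" {
  name     = "exposed-service-tg"
  port     = 443
  protocol = "TCP"
  vpc_id   = var.provider_vpc_id
}

resource "aws_lb_listener" "service" {
  load_balancer_arn = aws_lb.service.arn
  port              = 443
  protocol          = "TCP"
  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.service.arn
  }
}

# Step 2: PrivateLink endpoint service attached to the NLB. Only the listed
# principals may create endpoints, and every connection must be accepted.
resource "aws_vpc_endpoint_service" "service" {
  acceptance_required        = true
  network_load_balancer_arns = [aws_lb.service.arn]
  allowed_principals         = ["arn:aws:iam::111122223333:root"] # placeholder account
}

# Step 3 (part a): security group for the endpoint ENI in the consumer VPC.
# Only the consuming application's security group may reach it, only on 443.
resource "aws_security_group" "endpoint" {
  name   = "exposed-service-endpoint"
  vpc_id = var.consumer_vpc_id
}

resource "aws_security_group_rule" "endpoint_ingress" {
  type                     = "ingress"
  security_group_id        = aws_security_group.endpoint.id
  from_port                = 443
  to_port                  = 443
  protocol                 = "tcp"
  source_security_group_id = var.consumer_app_sg_id
}

# Steps 3 and 4: the interface endpoint creates the ENI in the consumer
# subnets and connects it to the endpoint service. auto_accept works because
# both sides are in the same account here.
resource "aws_vpc_endpoint" "consumer" {
  vpc_id             = var.consumer_vpc_id
  service_name       = aws_vpc_endpoint_service.service.service_name
  vpc_endpoint_type  = "Interface"
  subnet_ids         = var.consumer_subnet_ids
  security_group_ids = [aws_security_group.endpoint.id]
  auto_accept        = true
}

# Step 5: the consuming application connects to these DNS names, which
# resolve to the endpoint ENI's private IPs in the consumer VPC.
output "endpoint_dns_names" {
  value = aws_vpc_endpoint.consumer.dns_entry[*].dns_name
}
```

In a cross-account setup, drop auto_accept, run the aws_vpc_endpoint resource under the consumer account's provider, and accept the request on the provider side with an aws_vpc_endpoint_connection_accepter resource. Keeping acceptance_required and a tight allowed_principals list is what prevents an arbitrary account from attaching to the service; the endpoint security group then limits which consumer workloads can use the ENI.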
If the consuming application is in an on-premises data center outside of AWS, a Direct Connect connection can be used. In this case there are a few additional steps.
- The consuming application would connect to a customer gateway, which would connect to the Direct Connect connection and terminate on the Virtual Private Gateway in the VPC.
- The Virtual Private Gateway would then route the traffic to AWS PrivateLink.
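The on-premises path, as an added Terraform example (not part of the original notes). It assumes a Direct Connect connection already exists (its ID is a placeholder), that the consuming VPC already holds a PrivateLink interface endpoint whose security group and route table IDs are supplied as variables, and that the on-premises router speaks BGP with the ASN given.

```hcl
# Added example (not from the original notes): terminate a Direct Connect
# private virtual interface on a Virtual Private Gateway in the consumer VPC
# so on-premises traffic can reach the PrivateLink endpoint ENI there.
# Assumed inputs: all variables below; dx_connection_id is a placeholder.

variable "consumer_vpc_id"         { type = string }
variable "consumer_route_table_id" { type = string }
variable "endpoint_sg_id"          { type = string } # SG on the PrivateLink endpoint ENI
variable "dx_connection_id"        { type = string } # e.g. "dxcon-PLACEHOLDER"
variable "onprem_cidr"             { type = string } # e.g. "10.50.0.0/16" (constructed)
variable "onprem_bgp_asn"          { type = number }

# Virtual Private Gateway attached to the consumer VPC; the private VIF ends here.
resource "aws_vpn_gateway" "consumer" {
  vpc_id = var.consumer_vpc_id
}

# Private virtual interface on the Direct Connect connection, bound to the VGW.
# The customer gateway (on-prem router) peers with it over BGP on this VLAN.
resource "aws_dx_private_virtual_interface" "onprem" {
  connection_id  = var.dx_connection_id
  name           = "onprem-to-consumer-vpc"
  vlan           = 101
  address_family = "ipv4"
  bgp_asn        = var.onprem_bgp_asn
  vpn_gateway_id = aws_vpn_gateway.consumer.id
}

# Propagate the on-prem prefixes learned over BGP into the consumer VPC route
# table, so replies from the endpoint subnet route back through the VGW.
resource "aws_vpn_gateway_route_propagation" "onprem" {
  vpn_gateway_id = aws_vpn_gateway.consumer.id
  route_table_id = var.consumer_route_table_id
}

# Allow only the on-prem range to reach the endpoint ENI on the service port;
# the endpoint itself is unchanged, the VGW simply delivers traffic to it.
resource "aws_security_group_rule" "onprem_to_endpoint" {
  type              = "ingress"
  security_group_id = var.endpoint_sg_id
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
  cidr_blocks       = [var.onprem_cidr]
}
```

The VGW advertises the consumer VPC's CIDR to the data center over the private VIF, which covers the endpoint ENI's private address. The on-premises application still has to resolve the endpoint's DNS name; the regional vpce name is publicly resolvable to those private IPs, so no DNS forwarding is required unless private DNS for the service is in use.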