Direct Connect and VPN
Up to this point, our VPC has been a self-contained network that resides in the AWS network. It is flexible and functional, but to reach the resources inside the VPC, we have to go through their internet-facing services, such as SSH and HTTPS.
In this section, we will look at the ways AWS allows us to connect to the VPC from our private network: an IPSec VPN gateway and Direct Connect.
VPN Gateways
The first way to connect our on-premises network to the VPC is with traditional IPSec VPN connections. We will need a publicly accessible device to establish VPN connections to AWS's VPN devices.
The customer gateway needs to support route-based IPSec VPNs, where the VPN connection is treated as a link that both a routing protocol and normal user traffic can traverse. Currently, AWS recommends using BGP to exchange routes.
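The following Python example is added here and is not code from the original text. It audits VPN connections for the two conditions this section depends on: BGP rather than static routing, and tunnels that are up and accepting routes. The function name `audit_vpn_connections` is hypothetical, and the sample data is constructed in the shape that boto3's `describe_vpn_connections` call returns, so the check runs offline.

```python
# Constructed sample shaped like the EC2 DescribeVpnConnections response
# (the dict boto3's ec2 client returns); IDs and addresses are made up.
SAMPLE_RESPONSE = {
    "VpnConnections": [
        {
            "VpnConnectionId": "vpn-0example1",
            "Options": {"StaticRoutesOnly": False},
            "VgwTelemetry": [
                {"OutsideIpAddress": "203.0.113.10", "Status": "UP", "AcceptedRouteCount": 4},
                {"OutsideIpAddress": "203.0.113.11", "Status": "UP", "AcceptedRouteCount": 4},
            ],
        },
        {
            "VpnConnectionId": "vpn-0example2",
            "Options": {"StaticRoutesOnly": True},
            "VgwTelemetry": [
                {"OutsideIpAddress": "203.0.113.20", "Status": "UP", "AcceptedRouteCount": 0},
                {"OutsideIpAddress": "203.0.113.21", "Status": "DOWN", "AcceptedRouteCount": 0},
            ],
        },
    ]
}


def audit_vpn_connections(response):
    """Return {connection_id: [findings]} for each VPN connection (hypothetical helper)."""
    report = {}
    for conn in response.get("VpnConnections", []):
        findings = []
        static_only = conn.get("Options", {}).get("StaticRoutesOnly", False)
        if static_only:
            findings.append("static routing only; BGP is not exchanging routes")
        tunnels = conn.get("VgwTelemetry", [])
        down = [t["OutsideIpAddress"] for t in tunnels if t.get("Status") != "UP"]
        if down:
            findings.append("tunnel(s) down: " + ", ".join(down))
        if not static_only:  # on a BGP connection, an UP tunnel should accept routes
            for t in tunnels:
                if t.get("Status") == "UP" and t.get("AcceptedRouteCount", 0) == 0:
                    findings.append("no routes accepted on " + t["OutsideIpAddress"])
        report[conn["VpnConnectionId"]] = findings
    return report


if __name__ == "__main__":
    for conn_id, findings in audit_vpn_connections(SAMPLE_RESPONSE).items():
        print(conn_id, "OK" if not findings else "; ".join(findings))
```

Against a live account, the same function can be fed the result of `boto3.client("ec2").describe_vpn_connections()`.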
On the VPC side, we can follow a similar routing table where we can route a particular subnet toward the virtual private...