Learn How We Can Help You Keep Teleworkers Protected During the COVID-19 Crisis

Amazon Web Services

Reply
Highlighted

amazon vpc question

Techie
Posts: 10
38810     2
  1. What happens when we have a hub and spoke connection where multiple vpc’s are aggregated through a parent Amazon account. Does the infoblox proxy know how to call the right sub account?
Highlighted

Re: amazon vpc question

Techie
Posts: 2
38810     2

if you're talking about vdiscovery, this works through specific AWS IAM accounts and is rights based. As long as the vdiscovery member can access the service endpoint which is public then no problem. If we're talking about a CPA appliance, API proxied calls are network routed. once the API calls hit the target CPA appliance the grid takes over and is pure networking. The CPA appliance will also queue in the event there is a hicup or lapse in access to the GM.

 

Does this answer the question?

Highlighted

Re: amazon vpc question

Community Manager
Community Manager
Posts: 357
38811     2

To add to this- if spinning up an instance using API proxy (whether it be through your Grid Master or a CP (Cloud Platform) appliance, you would specify the VPC that the instance should be launched in. For vDiscovery, this is reported on during the vDiscovery process and is learned automatically so nothing is required in order for NIOS to learn this.

 

Thank you,

Tony Tiscareno

Infoblox

Highlighted

Re: amazon vpc question

Techie
Posts: 1
38811     2

I just set up a VPC, and need the VPC to access some internal servers through my Cisco 5510 ASA.

Is it best to use the config that Amazon supplies? Or is there a best practice to do this?

Did some Google searches, but I get a variety of answers.

Highlighted

Re: amazon vpc question

Techie
Posts: 1
38811     2

Is there any benefit of placing servers in their own subnets based on purpose? e.g. Web, App and Database servers.

 

I can't see why I can't just have 1 public subnet and 1 private subnert with all servers being in the private and traffic controlled by security groups. Maybe I'm over thinking when trying to put each server in it's own subnet.

 
Showing results for 
Search instead for 
Do you mean 

Recommended for You