Hi everyone, I’m looking for a VPN solution for our infrastructure. We have multiple AWS accounts (5), and the resources in each are pretty much the same, utilizing a lot of AWS services, one of which is RDS. I want to have secure access to our database without me whitelisting devs’ IP addresses, etc. We will also be aiming for security certificates like SOC2, so I was looking at some options. I can see OpenVPN is popular, but I’m not sure if that is the case for me too. So we have multiple AWS accounts, all of them have their own VPC, but they are all in the same region so far (there is a plan to have one in a different region). How would I set this up?
AWS has its own VPN endpoint solution and a client. It supports SAML auth, so it can integrate with your IdP, with RBAC access to different subnets. Transit Gateway for hub-and-spoke: all VPCs from multiple accounts into one account where the VPN endpoint is. Used for many years in our org with 100+ users. Works well: simple, stable and 0 maintenance.
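As an added example (not from either poster), a Terraform sketch of the hub-account pieces the answer describes: a Client VPN endpoint with SAML federated authentication, a route toward a spoke VPC's database subnets reached over Transit Gateway, and an authorization rule scoped to one IdP group. The variable names, client CIDR and group id are placeholders; the hub VPC, its Transit Gateway attachment and route-table entry, the ACM server certificate, the CloudWatch log group and the IAM SAML provider are assumed to already exist.

```hcl
# Added example, not the thread's own configuration. Assumed to exist:
# hub VPC + TGW attachment, ACM server cert, IAM SAML provider, log group.
variable "hub_vpc_id"        {}
variable "hub_subnet_id"     {}   # hub subnet the endpoint associates with
variable "db_spoke_cidr"     {}   # RDS subnets in a spoke account, reached via TGW
variable "server_cert_arn"   {}   # ACM certificate presented by the endpoint
variable "saml_provider_arn" {}   # aws_iam_saml_provider for the IdP
variable "dba_group_id"      {}   # IdP group id carried in the SAML memberOf attribute
variable "log_group_name"    {}   # CloudWatch log group for connection logs

resource "aws_ec2_client_vpn_endpoint" "hub" {
  description            = "hub client vpn"
  server_certificate_arn = var.server_cert_arn
  client_cidr_block      = "10.255.0.0/22"   # placeholder; must not overlap any VPC CIDR
  vpc_id                 = var.hub_vpc_id
  split_tunnel           = true              # only routed CIDRs enter the tunnel
  transport_protocol     = "udp"

  authentication_options {
    type              = "federated-authentication"   # SAML via the IdP, no shared certs
    saml_provider_arn = var.saml_provider_arn
  }

  connection_log_options {
    enabled              = true                      # who connected, when, from where
    cloudwatch_log_group = var.log_group_name
  }
}

resource "aws_ec2_client_vpn_network_association" "hub" {
  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.hub.id
  subnet_id              = var.hub_subnet_id
}

# Route to the spoke's database subnets; the hub subnet's route table is
# assumed to forward that CIDR to the Transit Gateway.
resource "aws_ec2_client_vpn_route" "db_spoke" {
  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.hub.id
  destination_cidr_block = var.db_spoke_cidr
  target_vpc_subnet_id   = aws_ec2_client_vpn_network_association.hub.subnet_id
}

# RBAC: only members of the DBA IdP group are authorized toward the DB CIDR.
# Connected users without a matching rule cannot reach that network at all.
resource "aws_ec2_client_vpn_authorization_rule" "db_spoke_dbas" {
  client_vpn_endpoint_id = aws_ec2_client_vpn_endpoint.hub.id
  target_network_cidr    = var.db_spoke_cidr
  access_group_id        = var.dba_group_id
}
```

Each additional spoke gets its own route and authorization rule, so access to a given account's subnets stays tied to an IdP group rather than to individual IP addresses.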