Connect flyio to aws vpc

Hello
we decided to move part of our infra to flyio from aws, but we want to keep few services running on AWS (RDS, MSK), all our AWS services are available internally or through VPN., we don’t want to expose public access for apps running on FlyIo.

Is there a way FlyIo connects to AWS VPC through vpn or another option? (On AWS we have already vpn setup and vpc that routes traffic to service)

Thank you in advance :wink:

1 Like

Hi there, I think it should be possible to connect those AWS services to your Fly apps via WireGuard VPN. Hopefully the following docs can help you with this: Private Networking · Fly Docs

1 Like

Thank you, Ben, do you know what setting should we apply to wire guard service on ec2 so instances from aws are visible in fly.io?

For example, if you db dn hase next name 1213.postgresql.amazon.com, or we should add rerouting?.

Sorry, I am not so proficient in networking configuration :slight_smile:

Yes, you can establish a VPN connection between Fly.io and your AWS VPC to securely connect the two environments. Here’s how you can do it:

  1. VPN Setup on AWS: Ensure that you have a VPN setup and configured on AWS. This typically involves creating a Virtual Private Gateway (VGW), configuring a Customer Gateway (CGW) representing Fly.io, and establishing a VPN connection between them.
  2. Network Configuration on Fly.io: Configure the network settings on Fly.io to connect to your AWS VPC through the VPN. This may involve specifying the IP addresses of your AWS VPC endpoints and configuring routing rules to direct traffic through the VPN tunnel.
  3. Security Group and Routing Configuration: Update the security groups and routing tables on AWS to allow traffic from Fly.io’s IP addresses through the VPN connection. This ensures that communication between Fly.io and your AWS services (RDS, MSK) is allowed and secure.
  4. Testing and Monitoring: Test the VPN connection to ensure that traffic is flowing correctly between Fly.io and your AWS VPC. Monitor the connection for any issues or performance bottlenecks and make adjustments as needed.

By establishing a VPN connection between Fly.io and your AWS VPC, you can securely connect the two environments and ensure that your services running on Fly.io can access the AWS services (RDS, MSK) without exposing them to public access.

Thank you @ashleymike , but how do I setup vpn on my fly.io organization? I want all current future apps have access to AWS? do you have any documentation