Connect flyio to aws vpc

vitalie · February 8, 2024, 1:35pm

Hello
we decided to move part of our infra to flyio from aws, but we want to keep few services running on AWS (RDS, MSK), all our AWS services are available internally or through VPN., we don’t want to expose public access for apps running on FlyIo.

Is there a way FlyIo connects to AWS VPC through vpn or another option? (On AWS we have already vpn setup and vpc that routes traffic to service)

Thank you in advance

ben-ang · February 9, 2024, 6:51pm

Hi there, I think it should be possible to connect those AWS services to your Fly apps via WireGuard VPN. Hopefully the following docs can help you with this: Private Networking · Fly Docs

vitalie · February 14, 2024, 9:42am

Thank you, Ben, do you know what setting should we apply to wire guard service on ec2 so instances from aws are visible in fly.io?

For example, if you db dn hase next name 1213.postgresql.amazon.com, or we should add rerouting?.

Sorry, I am not so proficient in networking configuration

ashleymike · February 14, 2024, 11:04am

Yes, you can establish a VPN connection between Fly.io and your AWS VPC to securely connect the two environments. Here’s how you can do it:

VPN Setup on AWS: Ensure that you have a VPN setup and configured on AWS. This typically involves creating a Virtual Private Gateway (VGW), configuring a Customer Gateway (CGW) representing Fly.io, and establishing a VPN connection between them.
Network Configuration on Fly.io: Configure the network settings on Fly.io to connect to your AWS VPC through the VPN. This may involve specifying the IP addresses of your AWS VPC endpoints and configuring routing rules to direct traffic through the VPN tunnel.
Security Group and Routing Configuration: Update the security groups and routing tables on AWS to allow traffic from Fly.io’s IP addresses through the VPN connection. This ensures that communication between Fly.io and your AWS services (RDS, MSK) is allowed and secure.
Testing and Monitoring: Test the VPN connection to ensure that traffic is flowing correctly between Fly.io and your AWS VPC. Monitor the connection for any issues or performance bottlenecks and make adjustments as needed.

By establishing a VPN connection between Fly.io and your AWS VPC, you can securely connect the two environments and ensure that your services running on Fly.io can access the AWS services (RDS, MSK) without exposing them to public access.

vitalie · February 21, 2024, 7:21pm

Thank you @ashleymike , but how do I setup vpn on my fly.io organization? I want all current future apps have access to AWS? do you have any documentation

catflydotio · April 17, 2024, 5:45pm

From How To to Questions / Help

system · April 24, 2024, 5:46pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Connecting to internal AWS VPC machines/DBs via wireguard. Questions / Help	1	216	November 27, 2023
Fly.io + RDS & Elasticache Questions / Help	15	2126	August 24, 2022
Peering to TimescaleDB via VPC (virtual private cloud) Questions / Help	2	787	November 10, 2021
How to only access through VPN? Questions / Help	3	759	May 18, 2023
Technique for connecting to a database over ipsec/strongswan/other? Questions / Help databases	1	71	April 1, 2024

Connect flyio to aws vpc

Related Topics