Hi Tushar,
Thank you for responding. I have reviewed the articles, and they focus on east-west traffic inspection between VPCs. However, in our scenario, we intend to route different subnets of a single VPC through the firewall. The firewall is deployed in the network account and connected via a transit gateway.
Hi,
So to route the traffic between different subnets of a single VPC, an AWS Network Firewall needs to be deployed in each VPC?
We cannot have a centralized AWS Network Firewall for traffic inspection of subnets in the same VPC.
That is correct.
You cannot route traffic between different subnets of a single VPC via TGW and an inspection VPC.
For your use case you can use the VPC MSR (more specific routing) feature to steer the traffic via ANFW; see the blog below (see the pattern: "AWS Network Firewall is deployed to protect traffic between two different subnets in the same VPC.")
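The more specific routing pattern from the answer above, written out as an added Terraform example (not code from the thread or the linked blog). It assumes a VPC with CIDR 10.0.0.0/16, workload subnets A (10.0.1.0/24) and B (10.0.2.0/24) and a dedicated firewall subnet, all in one Availability Zone, and an existing AWS Network Firewall whose endpoint in that subnet is supplied as a variable; every ID is a placeholder.

```terraform
# Added example: intra-VPC inspection with more specific routing (MSR).
# Assumed inputs (placeholders, not values from the thread).
variable "vpc_id"               { type = string }
variable "subnet_a_id"          { type = string }   # 10.0.1.0/24
variable "subnet_b_id"          { type = string }   # 10.0.2.0/24
variable "firewall_subnet_id"   { type = string }   # dedicated subnet for the endpoint
variable "firewall_endpoint_id" { type = string }   # vpce-... of the ANFW endpoint

# Subnet A: traffic for subnet B goes to the firewall endpoint. The /24 is more
# specific than the implicit 10.0.0.0/16 "local" route, so it wins.
resource "aws_route_table" "subnet_a" {
  vpc_id = var.vpc_id
  route {
    cidr_block      = "10.0.2.0/24"
    vpc_endpoint_id = var.firewall_endpoint_id
  }
}

resource "aws_route_table_association" "subnet_a" {
  subnet_id      = var.subnet_a_id
  route_table_id = aws_route_table.subnet_a.id
}

# Subnet B: symmetric route so the return path hits the same endpoint and the
# stateful engine sees both directions of every flow.
resource "aws_route_table" "subnet_b" {
  vpc_id = var.vpc_id
  route {
    cidr_block      = "10.0.1.0/24"
    vpc_endpoint_id = var.firewall_endpoint_id
  }
}

resource "aws_route_table_association" "subnet_b" {
  subnet_id      = var.subnet_b_id
  route_table_id = aws_route_table.subnet_b.id
}

# Firewall subnet: only the implicit local route. After inspection the endpoint
# delivers packets straight to the destination subnet; putting the MSR routes
# here would send inspected traffic back into the firewall.
resource "aws_route_table" "firewall" {
  vpc_id = var.vpc_id
}

resource "aws_route_table_association" "firewall" {
  subnet_id      = var.firewall_subnet_id
  route_table_id = aws_route_table.firewall.id
}
```

With subnets spread over several Availability Zones, each AZ needs its own firewall endpoint and its own pair of route tables pointing at the endpoint in that AZ, otherwise traffic crosses AZs and the two directions of a flow can land on different endpoints.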
Thanks for the clarification. I updated my answer.