1 Answer
I do not see why this wouldn’t work. I’d recommend though moving your VPN to a central network account and making that the central egress.
Then I would move all Route 53 zones to the central network account. Then share the private zones to the corresponding accounts.
I would take the internal load balancer approach, though make sure you are aware you can’t use the same target groups across different load balancers. You’d have to have separate TGs for each ELB.
Hey Gary,
Thanks for your reply. I think I understand your last point about the internal load balancer, but could you elaborate on what you mean when you say, "you can't use the same target groups across different load balancers"?
If you have EC2s registered in a target group, that target group can only be associated with 1 ALB. You would need to create a 2nd target group to associate the EC2s with another ALB. So you need a target group for the external ALB and another target group for the internal ALB. If using ECS, then you will need to configure the service for 2 target groups.
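
Added example, not part of the thread: a CloudFormation sketch of the layout described above, with one EC2 instance registered in two target groups, one per ALB. All parameter names and logical IDs are placeholders chosen for illustration. Security groups are omitted, and HTTP listeners are used only to keep the template short.

```yaml
# Constructed example: logical IDs and parameter names are placeholders.
Parameters:
  VpcId: { Type: "AWS::EC2::VPC::Id" }
  PublicSubnets: { Type: "List<AWS::EC2::Subnet::Id>" }
  PrivateSubnets: { Type: "List<AWS::EC2::Subnet::Id>" }
  AppInstanceId: { Type: "AWS::EC2::Instance::Id" }
Resources:
  ExternalAlb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: internet-facing
      Subnets: !Ref PublicSubnets
  InternalAlb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: internal          # reachable only from inside the VPC / VPN
      Subnets: !Ref PrivateSubnets
  # The same instance is registered twice: a target group can be attached
  # to only one load balancer, so each ALB gets its own group.
  ExternalTg:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 80
      Targets: [{ Id: !Ref AppInstanceId }]
  InternalTg:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 80
      Targets: [{ Id: !Ref AppInstanceId }]
  ExternalListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref ExternalAlb
      Protocol: HTTP
      Port: 80
      DefaultActions: [{ Type: forward, TargetGroupArn: !Ref ExternalTg }]
  InternalListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref InternalAlb
      Protocol: HTTP
      Port: 80
      DefaultActions: [{ Type: forward, TargetGroupArn: !Ref InternalTg }]
```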