1 Answer
I do not see why this wouldn't work. I'd recommend, though, moving your VPN to a central network account and making that the central egress.
Then I would move all Route 53 zones to the central network account. Then share the private zones to the corresponding accounts.
I would take the internal load balancer approach, though make sure you are aware you can't use the same target groups across different load balancers. You'd have to have separate TGs for each ELB.
Hey Gary,
Thanks for your reply. I think I understand your last point about the internal load balancer, but could you elaborate on what you mean when you say, "you can't use the same target groups across different load balancers"?
If you have EC2s registered in a target group, that target group can only be associated with 1 ALB. You would need to create a 2nd Target Group to associate the EC2s to another ALB. So you need a Target Group for the external ALB and another Target Group for the internal ALB. If using ECS, then you will need to configure the Service for 2 target groups.
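
The one-target-group-per-load-balancer layout described in the comment above, as an added CloudFormation example that is not part of the original thread. The parameter names, plain HTTP on port 80 and the single EC2 instance are assumptions for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example - same EC2 instance behind an external and an internal ALB
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  InstanceId:
    Type: AWS::EC2::Instance::Id
  ExternalAlbArn:          # ARN of the existing internet-facing ALB (assumed to exist)
    Type: String
  InternalAlbArn:          # ARN of the existing internal ALB (assumed to exist)
    Type: String
Resources:
  # A target group can be attached to only one load balancer,
  # so the same instance is registered in two separate target groups.
  ExternalTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 80
      TargetType: instance
      Targets:
        - Id: !Ref InstanceId
  InternalTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 80
      TargetType: instance
      Targets:
        - Id: !Ref InstanceId
  # Each listener forwards only to the target group that belongs to its own ALB.
  ExternalListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref ExternalAlbArn
      Protocol: HTTP
      Port: 80
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref ExternalTargetGroup
  InternalListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref InternalAlbArn
      Protocol: HTTP
      Port: 80
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref InternalTargetGroup
```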