
Accessing AWS Elasticsearch VPC endpoint through VPC peering

I have an Elasticsearch domain with VPC access (i.e. no public access). I'd like to access the endpoint from an instance in another VPC. I've created a peering connection between the two VPCs, but since it's not possible to attach the ES security group to an instance in the other VPC (apparently you can only attach SGs in the same VPC even if there's a peering connection), I can't access the endpoint.

Is VPC peering supported for ES at all and if so, what's the right way to set this up?

I know this question is already 5 months old, but I think it would be good to answer it for future questions. In this case you do not have to worry about the security group, but about subnets; you should make the peering connection between subnet IP ranges, for example:

Requester VPC CIDRs 192.168.0.0/16

Accepter VPC CIDRs 10.0.0.0/20

And you must configure the route table to reference the subnets released in both VPCs. After that you will be able to connect to Elastic.

Here is some information: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html

Hope this helps.
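The routing requirement described in the answer can be checked offline before touching the AWS console. The following is an added example, not code from the original post: it models one subnet route table per VPC using the answer's CIDRs and verifies that a route exists in both directions over the peering connection. The peering ID `pcx-EXAMPLE`, the sample IP addresses, and the CIDR-based port 443 ingress check on the domain's security group are assumptions added here.

```python
import ipaddress

# Constructed sample data using the answer's CIDRs; IDs and IPs are placeholders.
REQUESTER = {"cidr": "192.168.0.0/16",
             "routes": [("192.168.0.0/16", "local"), ("10.0.0.0/20", "pcx-EXAMPLE")]}
ACCEPTER = {"cidr": "10.0.0.0/20",
            "routes": [("10.0.0.0/20", "local"), ("192.168.0.0/16", "pcx-EXAMPLE")]}
# Assumed ingress rules on the security group attached to the ES domain: (cidr, port)
ES_SG_INGRESS = [("192.168.0.0/16", 443)]


def next_hop(routes, dest_ip):
    """Longest-prefix match over a route table; None when no route matches."""
    ip = ipaddress.ip_address(dest_ip)
    matches = [(ipaddress.ip_network(cidr), target)
               for cidr, target in routes if ip in ipaddress.ip_network(cidr)]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None


def check_path(src_vpc, dst_vpc, src_ip, dst_ip, sg_ingress, pcx, port=443):
    """Return the list of problems blocking src_ip -> dst_ip:port over peering."""
    problems = []
    src_net = ipaddress.ip_network(src_vpc["cidr"])
    dst_net = ipaddress.ip_network(dst_vpc["cidr"])
    if src_net.overlaps(dst_net):
        problems.append("VPC CIDRs overlap; peering is not possible")
    # Traffic must leave the source subnet through the peering connection...
    if next_hop(src_vpc["routes"], dst_ip) != pcx:
        problems.append("source route table has no route to destination via " + pcx)
    # ...and replies must return the same way.
    if next_hop(dst_vpc["routes"], src_ip) != pcx:
        problems.append("destination route table has no return route via " + pcx)
    src = ipaddress.ip_address(src_ip)
    if not any(src in ipaddress.ip_network(c) and p == port for c, p in sg_ingress):
        problems.append(f"ES security group does not allow {src_ip} on port {port}")
    return problems


if __name__ == "__main__":
    # Instance in the requester VPC reaching an ES network interface in the accepter VPC.
    print(check_path(REQUESTER, ACCEPTER, "192.168.4.10", "10.0.1.25",
                     ES_SG_INGRESS, "pcx-EXAMPLE"))
```
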
