How to do secure TCP connection via Int-TCP-Proxy-LB & Cloud-NAT between GCP & AWS
Let’s consider a scenario where your application hosted in GCP needs to connect to a third-party vendor’s Amazon RDS database hosted in AWS. The secure method of establishing this connectivity is a VPN between the two cloud environments. If you are unable to establish a VPN for some reason and need to make the connection over the internet, this post might be helpful to you.
For testing purposes, let’s assume the application needs to connect to an RDS database hosted in AWS. For us to connect to the RDS database, it must be publicly accessible, and the security group’s inbound rule should allow connections only from our GCP source IP. We will come back to this GCP source IP when we create the Cloud NAT in GCP.
In GCP, you need to reserve a “proxy-only subnet” for load balancing with the purpose “Regional managed proxy”. A screenshot is given below.
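Because the database is publicly accessible, the inbound rule is the only network control in front of it, so it is worth checking mechanically. The following is an added example, not code from the original post: it audits security-group JSON in the shape returned by `aws ec2 describe-security-groups` and reports every source other than the NAT address that can reach the database port. The sample data, the address 203.0.113.10 and port 3306 are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# 203.0.113.10 stands in for the Cloud NAT egress IP; 3306 is an assumed DB port.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
   "IpRanges": [{"CidrIp": "203.0.113.10/32"}, {"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
]}]}
""")


def covers_port(perm, port):
    """True if the inbound rule applies to TCP traffic on `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all protocols, all ports
        return True
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit(doc, nat_ips, port):
    """Return (group_id, source) for every non-NAT source that can reach `port`."""
    allowed = {ipaddress.ip_network(ip) for ip in nat_ips}  # bare IP -> /32
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if not covers_port(perm, port):
                continue
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            sources += [g.get("GroupId", "?") for g in perm.get("UserIdGroupPairs", [])]
            sources += [p["PrefixListId"] for p in perm.get("PrefixListIds", [])]
            for src in sources:
                try:
                    ok = ipaddress.ip_network(src, strict=False) in allowed
                except ValueError:  # security-group or prefix-list reference
                    ok = False
                if not ok:
                    findings.append((sg["GroupId"], src))
    return findings


if __name__ == "__main__":
    for group, src in audit(SAMPLE, ["203.0.113.10"], 3306):
        print(f"{group}: port 3306 is also reachable from {src}")
```

An empty result means the only source that can reach the port is the NAT address; the all-protocols rule in the sample shows why rules that never mention the database port still have to be checked.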