Introduction


Typically, connecting to AWS public-facing services (such as Amazon S3, DynamoDB, etc.) is something you do over the public Internet. However, you may want the benefits of consistent latency and performance offered by using private connectivity via AWS Direct Connect. Although you can access these services over private connectivity from within an AWS VPC using VPC Endpoints or Service Gateways, getting there from another public cloud via private line usually requires leased lines from your premises to each of your cloud environments and managing the routing yourself. This method means long-term contracts and, depending on your location, may also introduce more latency than it's worth, given that all of the data hairpins through your facility on its journey between the clouds.


With Pureport's Multicloud Fabric, you can quickly and easily connect two clouds together via native private connectivity. This Solution Brief focuses on accessing AWS public-facing services from a Google Cloud VPC, via Google Cloud Interconnect and AWS Direct Connect using the Pureport Multicloud Router as the connection broker. This will allow you to take advantage of the consistent performance and latency of a private line, and also reduce your outbound transfer costs by utilizing the lower data transfer rates of Direct Connect versus the internet.



Geographical Considerations

In North America, AWS allows you to privately access their publicly available services via any Direct Connect location within North America. For example, you can access an S3 bucket located in the US West (Oregon) region with a Direct Connect connection located in the US East (N. Virginia) region. Traffic traverses Amazon's private network between the Direct Connect location and the service endpoint location.


Prerequisites

Before you begin, you will need:

  • An AWS account with permissions to create Public Interfaces
  • A Google Cloud account with permissions to create Interconnects and Google Cloud Routers
  • A basic understanding of how the Pureport platform connects clouds and sites


Putting it together

The steps required to complete connectivity between a Google VPC and AWS public services are outlined below:

  1. Create a Pureport Network (see the Creating a Network article).

  2. Create a Google Cloud Interconnect circuit and connect it to your Pureport Network.

  3. Connect your Pureport Network to AWS using Public peering.

  4. Provision a Public Virtual Interface in your AWS account.


Supported AWS Public services

Pureport currently provides support for privately connecting to the following AWS Public Services:

  • Amazon S3
  • Amazon DynamoDB
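
One way to check which destinations fall under the supported services and the North America scope described above is to build a prefix allow-list from data in the layout of AWS's published ip-ranges.json. This is an added example, not Pureport or AWS code; the sample prefixes are constructed from documentation address ranges, and the region set and function names are assumptions.

```python
import ipaddress

# Constructed sample in the layout of AWS's published ip-ranges.json.
# The prefixes are documentation ranges, not real AWS address space.
SAMPLE_RANGES = {
    "prefixes": [
        {"ip_prefix": "192.0.2.0/25", "region": "us-west-2", "service": "S3"},
        {"ip_prefix": "192.0.2.128/25", "region": "us-east-1", "service": "DYNAMODB"},
        {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "203.0.113.0/24", "region": "eu-west-1", "service": "S3"},
        {"ip_prefix": "192.0.2.0/24", "region": "us-west-2", "service": "AMAZON"},
    ]
}

# Assumption: the regions treated as "North America" for this check.
NA_REGIONS = {"us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1"}
# The two services the brief lists as supported.
SUPPORTED_SERVICES = {"S3", "DYNAMODB"}


def allowed_prefixes(ranges, regions=NA_REGIONS, services=SUPPORTED_SERVICES):
    """Return collapsed networks for the supported services in the given regions."""
    nets = [
        ipaddress.ip_network(p["ip_prefix"])
        for p in ranges["prefixes"]
        if p["service"] in services and p["region"] in regions
    ]
    # Adjacent or overlapping prefixes are merged so the list stays minimal.
    return list(ipaddress.collapse_addresses(nets))


def covered(dest_ip, prefixes):
    """True if dest_ip falls inside one of the allow-listed prefixes."""
    addr = ipaddress.ip_address(dest_ip)
    return any(addr in net for net in prefixes)


def audit(destinations, ranges=SAMPLE_RANGES):
    """Map each destination IP to whether the allow-list covers it."""
    prefixes = allowed_prefixes(ranges)
    return {ip: covered(ip, prefixes) for ip in destinations}


if __name__ == "__main__":
    for ip, ok in audit(["192.0.2.10", "198.51.100.7", "203.0.113.5"]).items():
        print(f"{ip:15} {'covered' if ok else 'not covered'}")
```

A destination reported as not covered belongs to a service or region outside the scope this brief describes, so it should not be expected to use the private path.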