I have an ECS application that's running inside private subnets on AWS. To avoid incurring costs from a NAT gateway, I've successfully set up VPC endpoints for ECR and Secrets Manager, which are working fine for AWS services. The hitch is that I just discovered my app needs to connect to Azure PubSub, and since that's not an AWS service, I can't use a VPC endpoint for it. Is there a way to access Azure PubSub from my private subnets without having to pay for a NAT gateway? Or should I just accept the NAT costs? Any advice would help!
2 Answers
S2S VPN is definitely a solid option, but remember you'll end up paying either way. Depending on your traffic volume, using a NAT Gateway could actually be cheaper and less hassle. Also, check out Enforza; they provide managed Secure NAT Gateways that could save you some money compared to AWS's options. They even have a savings calculator to help you find your best fit.
You might want to consider setting up a site-to-site VPN between AWS and Azure. Just a heads up though, that will also come with its own costs, so you'll need to weigh those against the NAT gateway expenses.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures