I'm working with a major vendor that requires their data to be stored in Azure, specifically in an Azure Postgres database. The twist is, they need consistent data communication between AWS and Azure, coming back to AWS where their actual data will be used.
We host our applications and databases on AWS EKS, and the vendor isn't particular about where their data is hosted.
I'm considering a Site-to-Site VPN for secure communication from AWS to Azure and back. I've also looked into using AWS Database Migration Service (DMS) with an Azure agent, potentially setting up a standalone Aurora RDS database in AWS that could send data daily to another Aurora RDS database.
I need advice on the best and most cost-effective solution for this data transfer. Additionally, I may need to implement something similar for Google Cloud Platform, where their data also has specific storage requirements.
3 Answers
So, just to clarify, it sounds like you’re using EKS to run apps for customers? If that's the case, you might want to verify that you understand all the data residency policies since that could affect your setup.
Have you estimated how much data you'll be transferring? If it's a lot, a Site-to-Site VPN might not be the most efficient. You could explore using tools like Blobfuse to transfer data from AWS to Azure and then handle loading it into Postgres from there. Check out the Azure documentation for Blobfuse for more details!
You definitely need a secure connection. Opening up the security groups too much could lead to vulnerabilities. A Site-to-Site VPN or alternatives like Direct Connect would be solid options for ensuring secure data transfer between AWS and Azure, especially when using DMS for data management. Just remember, you'll be responsible for the networking setup!
That makes sense! I think I'll go with the Site-to-Site VPN since we already pay for Pritunl; it should fit into our existing infrastructure well.
We haven't quantified the data yet. I'm waiting on feedback from the dev team, but I'll definitely look into Blobfuse in the meantime.