This is more of an architectural question than a coding issue.
Please pardon me if I am in the wrong place.
I have an EC2 instance running in a private VPC where we are going to
deploy PII data in the future, and by no means can it have internet access.
However, we need to install ETL tools in Docker (Airflow, Docker, NiFi, Python, etc.)
and of course need to SSH into it from my local company VPC.


I tried to search the internet for a tutorial or training about it,
but could not find any.

Any suggestion will be highly appreciated.

What I have tried:

There are two approaches as far as I can think of:

1. Create another EC2 in a public subnet, install all our tools there, and call the VPC EC2 from this one,
so that I can move the PII data to S3 through a private endpoint.

Cons: Doesn't it still raise a security concern, as the EC2 (ETL) is still
on the internet, from where one can access the PII data in the second EC2?

2. Create the EC2 in public, install all the tools, and then finally change it into
the private VPC.

Cons: If a tool crashes or any change is needed, we will have to move it back to public,
which again does not look like a proper way of handling it.
Updated 28-Mar-21 13:57pm

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


