Overview
This Guidance demonstrates how to configure a proxy in a virtual private cloud (VPC) to connect external services to your Amazon VPC Lattice service network, enabling public, hybrid, or cross-Region access. While VPC Lattice simplifies service-to-service consumption within an AWS Region, if your applications reside outside that Region, you'll need to create and manage a proxy solution. By following this Guidance to build an ingress VPC and configure appropriate DNS resolution, you can easily establish connectivity to your external resources from your VPC Lattice service network.
How it works
Overview
This architecture diagram shows how to configure a proxy in a virtual private cloud (VPC) to connect external services to Amazon VPC Lattice. There are three ways to use Amazon VPC Lattice for public, hybrid, or cross-Region access. Each is outlined in its corresponding section below.

Public access
This architecture diagram shows how placing a proxy solution in an associated VPC enables external consumption of VPC Lattice services by adjusting the DNS resolution.

Hybrid access
This architecture diagram shows how placing a proxy solution in an associated VPC enables on-premises applications to have external consumption of VPC Lattice services by adjusting the hybrid DNS resolution.

Cross-Region access
This architecture diagram shows how placing a proxy solution in an associated VPC enables cross-Region consumption of VPC Lattice services by adjusting the hybrid DNS resolution.

Well-Architected Pillars
The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.
Deploy with confidence
Ready to deploy? Review the sample code on GitHub for detailed deployment instructions to deploy as-is or customize to fit your needs.