Add public IPs of the on prem users in the inbound rules of security group and attach it to the instance I hope this was the answer he was looking for

1- Configure on-premise firewall to allow outbound traffic from on-premise network to the public IP address of EC2 instance where the website is hosted. 2- Security Groups: In AWS, configure the security group of EC2 instance to allow incoming traffic only from the IP address range of on-premise network. 3- VPN: For additional security, establish a VPN connection between on-premise network and AWS VPC , i won't go with direct access coz based on my understanding , it was not designed for this case study

Rather than using VPN coz of it's limitation for the traffic bandwidth, i will prefer to use SSL/TLS , where it should be generated on premises and copy to aws ec2 then on the database client connection , i will use that cert + on premise IP address, PLEASE RATE THIS ANSWER OUT OF 10

This is really helpful. If possible can you post time stamps for all questions?

Endpoints to connect ec2 with s3 to bypass going over the internet..

Gateway endpoint for s3 and dynamodb for privately connection without internet

Direct Connect can be configures between on prem and AWS to create a privateand reliable connection between both the envs

👍

nice

Transit Gateway

"Nacl level" we can

how can i reach out you

i am also planning to interview to you

VPC peering

we can use vpn

Firewall rules