Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

Set up remote access to the customer's Amazon EC2

...

instance

WSO2 does all Managed Cloud deployments in an Amazon Virtual Private Cloud (Amazon VPC). A VPC enables you to launch Amazon Web Services (AWS) into a virtual network that you define. A VPC improves the security of your data by providing network-level control and isolation for the AWS. You can keep your data and configurations in a private space and expose them through the DMZ. This virtual network closely resembles a traditional network, but with improved security and scalability.

We access the customer's Amazon EC2 instants instance over SSH only, with a Bastion host working as the SSH gateway. The Bastian host can either reside in the VPC or in the customer's datacenter as depicted in the diagrams below:

...

    • The DNS is in the VPC: WSO2 uses an Amazon Route53 instant instance to maintain the domain name to IP mappings related to the Managed Cloud. 
       
    • The DNS is in the customer's datacenter: WSO2 provides the domain name to IP mappings related to the Managed Cloud to the customer, who manages the DNS server in the customer's datacenter.
      <Image coming up soon>  

...

The customers can either use their own SMTP servers or allow WSO2 to use Amazon SES. Shown below is how an SMTP server in the customer's datacenter communicate the WSO2 EC2 instant instance in the Amazon VPC.

<Image coming up soon>

...