r/CloudFlare: Private Connect to AWS

This article archives a conversation, which took place in a subreddit post (original source linked below) and to which I contributed a solution or answer (with the u/MasterofSynapse handle), in a Q&A format.

Original Reddit post: https://www.reddit.com/r/CloudFlare/comments/y4knpa/private_connect_to_aws/


Is there a way to privately connect the Cloudflare network with AWS, so that someone doesn't need to go through the public Internet (incl. ACLs to only allow Cloudflare IPs) when connecting both sites?


Yes, look at Cloudflare Tunnel within Cloudflare One, either with Access Applications or via WARP.

Comment 1 on Answer

But that’s per application, resp. using an application gateway? I’m searching for connectivity solutions besides that, like BGP peering or similar technology without spanning IPsec/GRE/HTTPS tunnels.

My response to comment 1

Cloudflare has BGP peering with AWS, e.g. for their R2 object storage. But what you want would be a private fiber between both, just for you. And that is neither feasible nor payable. And BGP peering goes over the public WAN too, so nothing gained there. So I recommend the Tunnel approach.