There are situations where separation between your application environment and load generating environment are necessary. In fact, it is generally a feature of a realistic, well-architected load test. In this article we will explain how you can easily and conveniently configure an AWS multiple account setup for load testing as a measure to secure your application environment.
Configuring Access between Multiple Accounts
With AWS, it is possible to have multiple accounts linked under a common account which manages them all. This is a standard procedure which is frequently used by many companies who use AWS. Separation between cloud networks is achieved when a load test is launched from a VPC in one account and targets a VPC in a different account.
For illustrative purposes, let us consider the following architecture example:
A good security practice is to define network access control between virtual private networks (VPCs). Instructions for accomplishing this can be found in the AWS documentation under the topic “Connect VPCs using VPC peering”.
This type of arrangement acts just as a client would. You can configure this peering connection such that access to your production servers or services is limited to whichever protocols you configure (e.g., https). Additionally, you control permissions within your load test account. AWS also has another page in their documentation which conveniently links to common VPC tasks as it relates to peering connections.
Linking Multiple Accounts under a Single Organization
From an administrative standpoint, you can also link multiple AWS accounts together under a single Organization. This allows you to administer the accounts in a single place. It also allows you to consolidate billing and simplify other aspects of account management. AWS provides all the details to this procedure in their documentation under the topic “Managing the AWS accounts in your organization”.
Did you know that RedLine13 offers a full-featured free trial? Sign up now and start testing today!