Internetwork traffic privacy - Amazon Nimble Studio

Internetwork traffic privacy

Amazon Nimble Studio uses Amazon Virtual Private Cloud (Amazon VPC) to secure connections. Amazon VPC provides features that you can use to increase and monitor the security for your virtual private cloud (VPC).

The connection between your users and their Nimble Studio streaming session is routed over the public internet. All other network traffic from streaming sessions is routed over the network interface that Nimble Studio creates in your account. This network traffic is subject to the security groups that are configured with the launch profile that’s selected by the user.

While Nimble Studio creates a network interface in the customers account, the customers control what this interface has access to via launch profiles. Launch profiles allow you to control which network resources a render worker can access, including public internet access. The security configurations in launch profiles work in tandem with standard OS-level security controls to limit reachable network resources from a streaming session.

Customers can also deploy Amazon VPC endpoints to leverage AWS PrivateLink. AWS PrivateLink is a way of communicating to AWS services via private endpoints.

Traffic between AWS resources in the same AWS Region

A VPC endpoint is a logical entity within a VPC that allows connectivity only to Nimble Studio. The VPC routes requests to Nimble Studio and routes responses back to the VPC. For more information, see VPC Endpoints in the Amazon VPC User Guide