It costs more to implement, a VPN solution on AWS than it would to use say, Let’s Encrypt to update the webserver with SSL/TLS certs. Both encrypt traffic, yet one relies on extra sources of security such as a couple of certs/keys and username and password, the latter just allows any ip to connect to the webserver and this connection is encrypted.
Does it make sense or is it redundant to utilize a VPN when you can use security groups, finely tuned to say allow inbound https access to the webserver from known IP’s of your remote office?
Im amazed at how well security groups can work to make security better in the cloud.
But back to my question/scenario… Should we implement VPNs to remotely access servers or is it okay to face our webserver running openemr up front on the internet with lets encrypt certs + limited access via security groups?