by mirimir 2236 days ago
Yeah, that jumped out for me too. I'm guessing that they didn't want to deploy some sort of private network layer.

That's easier said than done. There are no simple cross-cloud-provider solutions for private networking other than ZeroTier, which has its own issues.
Last time I was able to build Azure <-> AWS and GCP <-> AWS using their VPN tunneling and a strongSwan server on AWS.

It's only Azure <-> AWS <-> GCP; Azure <-> GCP I didn't try because we just want to connect to a central AWS node.

I think IPSec with the "right" config is good enough. But the pain is managing the route tables :(.

As a hobbyist, I might use tinc or PeerVPN. Or Tor plus OnionCat, with restrictive ip6tables rules. I've used that for a private Docker repository.

But those are probably not secure enough. Or too much hassle to set up.