Hybrid Secure Architecture

IG IG <--> PS PS <--> NATG NATG <--> PRS PS --- RTPublic PRS --- RTPrivate VPG <--> ON ON <--> CG VPG <-.-> CG classDef aws fill:#FF9900,stroke:#232F3E,stroke-width:2px; classDef vpc fill:#F58536,stroke:#232F3E,stroke-width:2px; classDef subnet fill:#99C27C,stroke:#232F3E,stroke-width:2px; classDef gateway fill:#FF9900,stroke:#232F3E,stroke-width"> IG IG <--> PS PS <--> NATG NATG <--> PRS PS --- RTPublic PRS --- RTPrivate VPG <--> ON ON <--> CG VPG <-.-> CG classDef aws fill:#FF9900,stroke:#232F3E,stroke-width:2px; classDef vpc fill:#F58536,stroke:#232F3E,stroke-width:2px; classDef subnet fill:#99C27C,stroke:#232F3E,stroke-width:2px; classDef gateway fill:#FF9900,stroke:#232F3E,stroke-width"> IG IG <--> PS PS <--> NATG NATG <--> PRS PS --- RTPublic PRS --- RTPrivate VPG <--> ON ON <--> CG VPG <-.-> CG classDef aws fill:#FF9900,stroke:#232F3E,stroke-width:2px; classDef vpc fill:#F58536,stroke:#232F3E,stroke-width:2px; classDef subnet fill:#99C27C,stroke:#232F3E,stroke-width:2px; classDef gateway fill:#FF9900,stroke:#232F3E,stroke-width">

flowchart TB
    subgraph AWS["AWS Cloud"]
        subgraph VPC["VPC"]
            subgraph PS["Public Subnet"]
                EC2P[EC2 Instance]
            end
            subgraph PRS["Private Subnet"]
                EC2PR[EC2 Instance]
            end
            IG[Internet Gateway]
            NATG[NAT Gateway]
            RTPublic[Route Table Public]
            RTPrivate[Route Table Private]
            VPG[Virtual Private Gateway]
        end
    end
    
    subgraph ON["On-Premise Network"]
        CG[Customer Gateway]
    end
    
    Internet((Internet))
    
    Internet <--> IG
    IG <--> PS
    PS <--> NATG
    NATG <--> PRS
    PS --- RTPublic
    PRS --- RTPrivate
    VPG <--> ON
    ON <--> CG
    VPG <-.-> CG
    
    classDef aws fill:#FF9900,stroke:#232F3E,stroke-width:2px;
    classDef vpc fill:#F58536,stroke:#232F3E,stroke-width:2px;
    classDef subnet fill:#99C27C,stroke:#232F3E,stroke-width:2px;
    classDef gateway fill:#FF9900,stroke:#232F3E,stroke-width:2px;
    classDef routeTable fill:#FFFF99,stroke:#232F3E,stroke-width:2px;
    classDef onPremise fill:#7AA116,stroke:#232F3E,stroke-width:2px;
    classDef internet fill:#232F3E,stroke:#232F3E,stroke-width:2px,color:#FFFFFF;
    
    class AWS,VPC aws;
    class PS,PRS subnet;
    class IG,NATG,VPG gateway;
    class RTPublic,RTPrivate routeTable;
    class ON,CG onPremise;
    class Internet internet;

This Mermaid diagram illustrates the relationship between an AWS VPC and an on-premise network. Here are the main components and their relationships:

AWS Cloud: The overarching framework containing all AWS resources.
VPC (Virtual Private Cloud): An isolated network environment within AWS.
Public Subnet: A subnet with direct access to the Internet.
Private Subnet: A more secure subnet without direct Internet access.
Internet Gateway (IG): The gateway connecting the VPC to the Internet.
NAT Gateway (NATG): A gateway allowing resources in the private subnet to access the Internet.
Route Table Public: Traffic routing rules for the public subnet.
Route Table Private: Traffic routing rules for the private subnet.
Virtual Private Gateway (VPG): The AWS-side gateway connecting the VPC to the on-premise network.
On-Premise Network: The company's own data center or office network.
Customer Gateway (CG): The VPN device or software in the on-premise network.

The arrows in the diagram indicate traffic flow and relationships between components:

Internet <--> Internet Gateway <--> Public Subnet: Internet access for the public subnet
Public Subnet <--> NAT Gateway <--> Private Subnet: Internet access for the private subnet via NAT
Virtual Private Gateway <-.-> Customer Gateway: Site-to-Site VPN connection

This Mermaid diagram helps visualize AWS network components and on-premise connections. The color coding and grouping make it easier to distinguish different components and their relationships:

Orange elements represent AWS services