netbirdio · HadesArchitect · Feb 14, 2025
diff --git a/public/docs-static/img/how-to-guides/aws-vpc/aws-ecs-logo.png b/public/docs-static/img/how-to-guides/aws-vpc/aws-ecs-logo.png
diff --git a/public/docs-static/img/how-to-guides/aws-vpc/aws-logo.png b/public/docs-static/img/how-to-guides/aws-vpc/aws-logo.png
diff --git a/public/docs-static/img/how-to-guides/aws-vpc/vpc-diagram.png b/public/docs-static/img/how-to-guides/aws-vpc/vpc-diagram.png
diff --git a/public/docs-static/img/how-to-guides/aws-vpc/vpc-sec-group.png b/public/docs-static/img/how-to-guides/aws-vpc/vpc-sec-group.png
diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
@@ -211,8 +211,17 @@ export const docsNavigation = [
      links: [
          { title: 'Serverless and NetBird', href: '/how-to/netbird-on-faas' },
          { title: 'Routing peers and Kubernetes', href: '/how-to/routing-peers-and-kubernetes'},
-         { title: 'NetBird Client on AWS ECS', href: '/how-to/examples'},
          { title: 'Netbird on Mikrotik Router', href: '/how-to/client-on-mikrotik-router' },
+         {
+            title: 'Connecting to AWS resources',
+            isOpen: false,
+            links: [
+                { title: 'Connecting to AWS VPC', href: '/how-to/connecting-to-aws-vpc' },
+                { title: 'Connecting to AWS VPC with High-Availability', href: '/how-to/connecting-to-aws-vpc-ha' },
+                { title: 'Connecting to AWS ECS Cluster', href: '/how-to/connecting-to-aws-ecs' },
+                { title: 'NetBird Client on AWS ECS', href: '/how-to/examples'},
+            ]
+        },
      ],
 
 

diff --git a/src/pages/how-to/connecting-to-aws-ecs.mdx b/src/pages/how-to/connecting-to-aws-ecs.mdx
@@ -0,0 +1,62 @@
+# Connecting to AWS ECS cluster
+
+<img style={{float: 'right', width: 250, margin: '0 0 0 30px'}} src="/docs-static/img/how-to-guides/aws-vpc/aws-ecs-logo.png" alt="aws logo" />
+
+**[TODO: Description]** Lorem ipsum dolor sit amet, consectetur adipiscing elit. Maecenas dolor enim, semper at hendrerit ac, convallis non magna. Curabitur at quam orci. Aenean convallis vehicula justo, et convallis turpis aliquam quis. Ut porta nec orci vel convallis. In id maximus turpis. Mauris non tincidunt sapien, sit amet blandit erat. Duis tempor dolor ut porta imperdiet. Fusce molestie porttitor augue, eu congue neque dignissim vel. Sed vitae elit nulla. Etiam facilisis a turpis vitae varius. Maecenas iaculis consequat mauris, id ultricies felis ornare sed. Nam nec mattis ligula, tempus maximus justo. Etiam malesuada malesuada malesuada erat ac tristique sollicitudin. Curabitur porta at nunc nec ornare. Curabitur porta at nunc nec ornare. Curabitur porta at nunc nec ornare.
+
+<Note>
+    In this example, we will connect to AWS ECS cluster using NetBird Networks. It's also possible to do it running Netbird Client right inside ECS cluster as a part of ECS Service. {/* TODO: Add a link to a ECS NetBird Agent guide */}
+</Note>
+
+## Video Guide
+For details on accessing an AWS ECS cluster from your NetBird network, watch this video guide on YouTube:
+**[TODO: Record a video for this guide]**
+<iframe width="560" height="315" src="https://www.youtube.com/embed/JRCZy4rLi-c?start=34" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+
+
+## Prerequisites
+In this guide we assume that user has some experience with AWS and its features aren't explained in details.
+
+### Requirements
+* A NetBird account with a Setup Key.
+* Another NetBird client in your network to validate the connection (possibly your laptop or a machine you are running this example on).
+* An [AWS account](https://aws.amazon.com/free/).
+
+## Guide
+
+<Note>
+    Before getting started with this, be aware that usage of AWS resources may incur charges from AWS
+</Note>
+
+### Create an ECS Cluster
+
+...
+use VPC from the [connecting to AWS VPC](/how-to/connecting-to-aws-vpc) guide
+...
+
+### Create a Service
+
+...
+switch off Public IP!
+use restrictive security group!
+...
+
+### Create a Task
+
+...we use nginx docker image. It won't be available because the service doesn't have an allocated public IP and security group doesn't allow inbound traffic...
+
+### Add a Resource to the NetBird Network
+...
+use the Network from the [connecting to AWS VPC](/how-to/connecting-to-aws-vpc) guide
+...
+
+### Validation
+
+To be sure that everything works, we need to test access to AWS resources.
+
+## Tear Down
+
+To avoid possible costs, remove created resources:
+
+* The ECS Cluster. Related services and tasks will be deleted automatically.
+* The AWS resources from the guide used to create the NetBird Network, if you don't plan to use them.
diff --git a/src/pages/how-to/connecting-to-aws-vpc-ha.mdx b/src/pages/how-to/connecting-to-aws-vpc-ha.mdx
@@ -0,0 +1,89 @@
+# Connecting to AWS VPC Resources - The Right Way
+
+<img style={{float: 'right', width: 250, margin: '0 0 10px 30px'}} src="/docs-static/img/how-to-guides/aws-vpc/aws-logo.png" alt="aws logo" />
+
+**[TODO: Description]** Lorem ipsum dolor sit amet, consectetur adipiscing elit. Maecenas dolor enim, semper at hendrerit ac, convallis non magna. Curabitur at quam orci. Aenean convallis vehicula justo, et convallis turpis aliquam quis. Ut porta nec orci vel convallis. In id maximus turpis. Mauris non tincidunt sapien, sit amet blandit erat. Duis tempor dolor ut porta imperdiet. Fusce molestie porttitor augue, eu congue neque dignissim vel. Sed vitae elit nulla. Etiam facilisis a turpis vitae varius. Maecenas iaculis consequat mauris, id ultricies felis ornare sed. Nam nec mattis ligula, tempus maximus justo. Etiam malesuada malesuada malesuada erat ac tristique sollicitudin. Curabitur porta at nunc nec ornare. Curabitur porta at nunc nec ornare. Curabitur porta at nunc nec ornare.
+
+**In this example, we will connect to AWS resources in a private AWS Cloud with NetBird Networks using High-Availability **
+
+This allows you to:
+
+* Connect to EC2 running on private subnets without the need to open firewall rules or configure bastion servers.
+* Use other AWS resources where installation of NetBird agent is not desired or not possible: managed databases, Lambda functions, etc.
+* Make your AWS resource able to access other services connected to your NetBird network and running anywhere else.
+<Note>
+    Before getting started with this, be aware that usage of AWS resources may incur charges from AWS
+</Note>
+
+## Video Guide
+For details on connecting AWS resources to your NetBird network, watch this video guide on YouTube:
+**[TODO: Record a video for this guide]**
+<iframe width="560" height="315" src="https://www.youtube.com/embed/JRCZy4rLi-c?start=34" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+
+## Prerequisites
+In this guide we assume that user has some experience with AWS and its features aren't explained in details.
+### Requirements
+* A NetBird account with a Setup Key.
+* Another NetBird client in your network to validate the connection (possibly your laptop or a machine you are running this example on).
+* An [AWS account](https://aws.amazon.com/free/).
+
+### Exisitng AWS VPC
+In this guide, we won't cover creation of an AWC Virtual Private Network
+<p>
+    <a href="/docs-static/img/how-to-guides/aws-vpc/vpc-diagram.png">
+        <img src="/docs-static/img/how-to-guides/aws-vpc/vpc-diagram.png" alt="aws vpc diagram" max-width="800" />
+    </a>
+</p>
+
+### Security Group
+
+The default pre-created security group allows all outbound traffic, but no incoming traffic - the VPC resources are allowed to communicate with each over within the VPC, but we won't be able to access them from the outside.
+
+<p>
+    <a href="/docs-static/img/how-to-guides/aws-vpc/vpc-sec-group.png">
+        <img src="/docs-static/img/how-to-guides/aws-vpc/vpc-sec-group.png" alt="aws vpc diagram" max-width="800"/>
+    </a>
+</p>
+
+## Guide
+
+### Create a Security Group
+
+To make our Routing Peer available to other NetBird clients directly without using of a Relay, we have to create a Security Group...
+
+
+### Create an EC2 Launch Template
+
+* Navigate to AWS EC2 service and 
+
+### Create an EC2 Target Group
+...
+
+### Create an EC2 Load Balancer
+...
+
+### Create a NetBird Network
+...
+
+### Add a Routing Peer Group
+...
+
+## Validation
+
+To be sure that everything works, we need to test access to AWS resources.
+
+### Create 
+
+... temporary ec2 instance ...
+
+### Add a Resource
+
+... screenshots ...
+
+## Tear Down
+
+To avoid possible costs, remove created resources:
+
+* NetBird Router Instances Auto-Scaling Group
+* Load Balancer
+* the VPC and related resources like Security Groups if they were created
diff --git a/src/pages/how-to/connecting-to-aws-vpc.mdx b/src/pages/how-to/connecting-to-aws-vpc.mdx
@@ -0,0 +1,97 @@
+# Connecting to AWS VPC Resources
+
+<img style={{float: 'right', width: 250, margin: '0 0 10px 30px'}} src="/docs-static/img/how-to-guides/aws-vpc/aws-logo.png" alt="aws logo" />
+
+**[TODO: Description]** Lorem ipsum dolor sit amet, consectetur adipiscing elit. Maecenas dolor enim, semper at hendrerit ac, convallis non magna. Curabitur at quam orci. Aenean convallis vehicula justo, et convallis turpis aliquam quis. Ut porta nec orci vel convallis. In id maximus turpis. Mauris non tincidunt sapien, sit amet blandit erat. Duis tempor dolor ut porta imperdiet. Fusce molestie porttitor augue, eu congue neque dignissim vel. Sed vitae elit nulla. Etiam facilisis a turpis vitae varius. Maecenas iaculis consequat mauris, id ultricies felis ornare sed. Nam nec mattis ligula, tempus maximus justo. Etiam malesuada malesuada malesuada erat ac tristique sollicitudin. Curabitur porta at nunc nec ornare. Curabitur porta at nunc nec ornare. Curabitur porta at nunc nec ornare.
+
+**In this example, we will connect to AWS resources in a private VPC with NetBird Networks**
+
+This allows you to:
+
+* Connect to EC2 running on private subnets
+* Use other AWS resources where installation of NetBird agent is not desired or not possible: managed databases, Lambda functions, etc.
+* Make your AWS resource able to access other services connected to your NetBird network and running anywhere else.
+<Note>
+    Before getting started with this, be aware that usage of AWS resources may incur charges from AWS
+</Note>
+
+## Video Guide
+For details on connecting AWS resources to your NetBird network, watch this video guide on YouTube:
+**[TODO: Record a video for this guide]**
+<iframe width="560" height="315" src="https://www.youtube.com/embed/JRCZy4rLi-c?start=34" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+
+## Prerequisites
+In this guide we assume that user has some experience with AWS and its features aren't explained in details.
+### Requirements
+* A NetBird account with a Setup Key.
+* Another NetBird client in your network to validate the connection (possibly your laptop or a machine you are running this example on).
+* An [AWS account](https://aws.amazon.com/free/).
+
+### AWS VPC
+In this guide, we use an AWC Virtual Private Cloud network, it's possible to use an existing one or create a new. We use a VPC with two private and two public networks placed in two different Availability Zones.
+<p>
+    <a href="/docs-static/img/how-to-guides/aws-vpc/vpc-diagram.png">
+        <img src="/docs-static/img/how-to-guides/aws-vpc/vpc-diagram.png" alt="aws vpc diagram" max-width="800" />
+    </a>
+</p>
+
+### Security Group
+
+The default pre-created security group allows all outbound traffic, but no incoming traffic - the VPC resources are allowed to communicate with each over within the VPC, but we won't be able to access them from the outside.
+
+<p>
+    <a href="/docs-static/img/how-to-guides/aws-vpc/vpc-sec-group.png">
+        <img src="/docs-static/img/how-to-guides/aws-vpc/vpc-sec-group.png" alt="aws vpc diagram" max-width="800"/>
+    </a>
+</p>
+
+## Guide
+
+...
+
+### Create an EC2 instance
+
+* Navigate to AWS EC2 service and create an EC2 instance using Amazon Linux 2 AMI and t.2 micro free-tier compatible ...
+
+
+### Install NetBird agent
+
+Login to https://app.netbird.io and [add your machine as a peer](https://app.netbird.io/add-peer), once you are done with the steps described there, copy your [Setup key](https://app.netbird.io/setup-keys).
+
+...
+install linux agent 
+...
+
+### Create a NetBird Network
+
+... create network ... screenshot ... link to documentation
+
+### Add a Routing Peer
+
+<Note>
+    For the purposes of High Availability of your resources, we recommend using `Routing Peer Group` as described in [the extended guide](/how-to/connecting-to-aws-vpc-ha). For the clarity of this guide, we proceed with a single `Routing Peer`.
+</Note>
+
+...screenshots...
+
+## Validation
+
+To be sure that everything works, we need to test access to AWS resources.
+
+### Create 
+
+... temporary ec2 instance ...
+
+<note>Public IP or Elastic IP</note>
+
+### Add a Resource
+
+... screenshots ...
+
+## Tear Down
+
+To avoid possible costs, remove created resources:
+
+* NetBird Router EC2 Instance
+* The EC2 Instance from validation step
+* the VPC if it was created