TalksAWS re:Invent 2025 - Secure, Easy and Performant VPC Resource Connectivity with Tailscale (CDN201)

AWS re:Invent 2025 - Secure, Easy and Performant VPC Resource Connectivity with Tailscale (CDN201)

Secure, Easy and Performant VPC Resource Connectivity with Tailscale

The Pain of Connecting to Private VPC Resources

  • Connecting to private VPC resources is fraught with complexity:
    • VPC peering or transit gateways are required to connect VPCs
    • Limited visibility and control over connectivity
    • Costly operations like NAT gateways for cross-VPC traffic
    • Frustrating VPN experiences with connectivity issues and reboots

The Power of WireGuard

  • WireGuard is a modern, lightweight connectivity solution designed for today's dynamic networks
  • Key features:
    • Fewer bottlenecks, allowing full mesh connectivity
    • Smaller codebase for better performance and predictability
    • Self-healing connectivity that doesn't require reboots
    • Built-in cryptography and identity management

Tailscale: Simplifying Secure Connectivity

  • Tailscale is built on top of WireGuard, providing an easy-to-use solution for secure connectivity
  • Key capabilities:
    • SSO-driven identity embedded in the client
    • Works on any OS, device, or location without complex setup
    • Automatic NAT traversal, no need to open ports or firewall changes
    • Identity-based access control, not IP-based

Real-World Use Cases

  1. Remote Employee Access: Secure remote access to internal applications and resources
  2. Secure Automation: Enabling CI/CD pipelines and workflows to access internal systems
  3. Workload Connectivity: Securing and connecting AI/ML workloads across cloud boundaries
  4. Edge and IoT: Enabling remote management and telemetry for distributed devices
  5. Home Lab and Personal Use: Tailscale's generous personal tier for home and hobby use

Doing it Right vs. Doing it Wrong

  • Avoid too many layers of indirection and single points of failure
  • Security should be based on identity, not IP whitelisting
  • Prioritize a seamless developer experience for better productivity

Customer Success Stories

  • Cribble grew 25x with no dedicated IT resources, thanks to Tailscale
  • Hugging Face saved 240 hours annually on user onboarding
  • Callite saved 1,000 hours annually with fewer VPN issues
  • Instacart saw a 90% reduction in internal support requests

Technical Performance

  • 4x reduction in latency and 22x increase in throughput compared to traditional VPNs
  • Ability to saturate 10Gbps network interfaces with fully encrypted connectivity

Pricing and Availability

  • Tailscale offers a generous free personal tier (up to 3 users, 100 devices)
  • Booth 1818 has a special 3-month starter tier offer for conference attendees

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.