luhring
commented
5 years ago I like it! I can definitely see the use for that.
I'm envisioning that you'd specify an EC2 instance and an IP address from the remote (e.g. corporate) private network. Reach could then tell you what traffic is allowed, but it'd only be able to do so with respect to the AWS-side configuration, it couldn't access firewall rules on the remote network side, which may very well deny traffic flows that Reach reports to be allowed.
If there's any other context you think would be helpful, feel free to share!
Link for future reference: https://docs.aws.amazon.com/en_pv/vpn/latest/s2svpn/VPC_VPN.html
Supporting IP testing through site-to-site VPN endpoints would be cool !