Many companies migrate to AWS from isolated or semi-isolated network environments such as on-premises data centers or other cloud or hybrid infrastructures. Such isolated networks typically do not allow any egress traffic to external endpoints, which is required for migration over the network. Other companies do allow HTTPS egress traffic from their internal networks but do not permit specific communications on network ports required by AWS Application Migration Service, which is the primary AWS service for large lift-and-shift migrations. In a third scenario, HTTPS traffic is allowed from both source and staging areas, but data replication traffic is required to go over the private channel for compliance reasons.
