
VPC endpoint

  • Endpoints allow you to connect to AWS Services using a [[private network]] instead of the [[public network]].
  • They scale horizontally and are [[redundant]].
  • They remove the need for an Internet Gateway & Route tables, [[NAT]], etc. to access AWS Services.
  • Interface: provisions an [[ENI]] (private IP address) as an entry point (a Security Group must be attached); used for most AWS services.
  • [[Gateway]]: provisions a target that must be used in a Route Table; used for AWS S3 and DynamoDB.
  • In case of issues:

Now the [[Private Subnet]] should have access to AWS S3 without any internet access (if we remove that Internet Gateway & Route tables), provided the AWS EC2 instance has the correct IAM permissions.
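
An added example (not part of the original notes): a check that a subnet's route table matches the setup described above, meaning an active route to a gateway endpoint and no default route to an Internet Gateway or NAT. The input mimics the JSON shape of `aws ec2 describe-route-tables`; all IDs are constructed and the function names are hypothetical.

```python
# Added example. Input mirrors the JSON shape of `aws ec2 describe-route-tables`.
# All IDs below are constructed; function names are hypothetical.

def routes_for_subnet(route_tables, subnet_id):
    """Routes of the table explicitly associated with the subnet,
    falling back to the VPC's main route table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt.get("Routes", [])
            if assoc.get("Main"):
                main = rt
    return main.get("Routes", []) if main else []

def audit_subnet(route_tables, subnet_id):
    """Report internet paths and gateway-endpoint routes for a subnet."""
    out = {"internet_path": [], "gateway_endpoints": [], "blackholed": []}
    for r in routes_for_subnet(route_tables, subnet_id):
        gw = r.get("GatewayId", "")
        nat = r.get("NatGatewayId", "")
        if r.get("State") == "blackhole":
            # Target no longer exists (for example a deleted NAT gateway).
            out["blackholed"].append(gw or nat)
            continue
        if r.get("DestinationCidrBlock") == "0.0.0.0/0" and (gw.startswith("igw-") or nat):
            out["internet_path"].append(gw or nat)
        # Gateway endpoints appear as prefix-list routes targeting vpce-...
        if r.get("DestinationPrefixListId") and gw.startswith("vpce-"):
            out["gateway_endpoints"].append((r["DestinationPrefixListId"], gw))
    out["endpoint_only"] = bool(out["gateway_endpoints"]) and not out["internet_path"]
    return out

# Constructed sample: a main table with an IGW route, and a private table
# that only has the local route plus a gateway-endpoint route.
SAMPLE = [
    {"RouteTableId": "rtb-0aaa", "Associations": [{"Main": True}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123", "State": "active"}]},
    {"RouteTableId": "rtb-0bbb",
     "Associations": [{"Main": False, "SubnetId": "subnet-private"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
         {"DestinationPrefixListId": "pl-0example", "GatewayId": "vpce-0456", "State": "active"}]},
]
```

The prefix list ID alone does not say whether the route is for S3 or DynamoDB, and a passing result says nothing about the IAM permissions the instance still needs.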