目次
What is a VPC endpoint?
Services inside and outside the VPC
EC2 instances are a service within the VPC, while S3 is a service outside the VPC as it is located in a region.
VPC endpoints allow services inside the VPC to connect to AWS services outside the VPC without going through the Internet.
Secure communication is possible because it does not involve the Internet.
VPC endpoints have two types of connection formats
Gateway type
A VPC endpoint (gateway type) is a gateway that is the target of a specified Route in the Route table. It is used for traffic destined to supported AWS services.
The following AWS services are supported
- Amazon S3
- DynamoDB
PriveteLink type (private link type)
A VPC endpoint (private-linked) is an Elastic Network Interface with a private IP address that serves as the entry point for traffic destined for supported services.
The following services are supported
Amazon API Gateway
Amazon CloudWatch
Amazon CloudWatch Events
Amazon CloudWatch Logs
AWS CodeBuild
Amazon EC2 API
Elastic Load Balancing API
AWS Key Management Service
Amazon Kinesis Data Streams
Amazon SageMaker Runtime
AWS Secrets Manager
AWS Service Catalog
Amazon SNS
AWS Systems Manager
Endpoint services hosted by other AWS accounts
Supported AWS Marketplace Partner Services
