Amazon VPC - Endpoints



An Amazon VPC Endpoint lets users privately connect their VPC to supported AWS services and to VPC endpoint services powered by AWS PrivateLink, without requiring an Internet Gateway, NAT device, VPN connection, or AWS Direct Connect.

VPC endpoints provide a more secure and efficient way to interact with AWS services because all traffic between your VPC and the services remains within the AWS network.

Types of VPC Endpoints

There are two types of VPC Endpoints −

1. Interface Endpoints

These VPC endpoints create an elastic network interface in your subnet that connects to services via AWS PrivateLink. Examples of supported services include Amazon S3, DynamoDB, and many others.

2. Gateway Endpoints

These VPC endpoints are for specific AWS services such as Amazon S3 and DynamoDB. They are more like route table entries that direct traffic from your VPC to the specified AWS service.

How to Set Up and Use VPC Endpoints?

The process of setting up and using VPC Endpoints in your VPC is very simple. Follow the steps given below −

Step 1: Open the VPC Management Console

First, you need to sign in to the AWS Management Console. In the search bar, type VPC, and select VPC Dashboard.

Step 2: Choose VPC Endpoints

Now, check the left-hand navigation pane. Click on Endpoints under Virtual Private Cloud. To create VPC endpoints, click the Create Endpoint button.

Step 3: Select the AWS Service

Now, in the Service Name section you need to select the AWS service you want to connect to. For example, Amazon S3 or DynamoDB.

  • For Amazon S3 and DynamoDB, you will need to create a Gateway Endpoint.
  • For other services, such as EC2 or SQS, you will use an Interface Endpoint.

Step 4: Choose the VPC

Now, go to the VPC section and select the VPC in which you want to create the endpoint.

For Interface Endpoints, choose the subnets in which you want the endpoint's network interface to be created. This selection applies only to Interface Endpoints.

For Gateway Endpoints, you need to choose route tables instead of subnets, which will add the endpoint as a route in your route table.

Step 5: Create the Endpoint

Once you have set the configurations, click the Create Endpoint button. AWS will create the VPC Endpoint, and you'll see it in the Endpoints list.

Step 6: Modify Route Tables (For Gateway Endpoints Only)

This step is required if you are creating a Gateway Endpoint.

First, go to Route Tables in the VPC Dashboard. Find the route table associated with the subnets that need access to the service. Finally, add a route for the selected AWS service pointing to the VPC Gateway Endpoint.
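
A check for Step 6, as an added example that is not part of the original tutorial: it reads output shaped like `aws ec2 describe-route-tables` and reports which explicitly associated subnets have an active route to a given Gateway Endpoint. The sample JSON and every ID in it (`vpce-0example`, `rtb-0aaa`, and so on) are constructed placeholders.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output.
# All IDs are made-up placeholders, not values from a real account.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-0aaa",
   "Associations": [{"SubnetId": "subnet-0app1", "Main": false},
                    {"SubnetId": "subnet-0app2", "Main": false}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationPrefixListId": "pl-0example", "GatewayId": "vpce-0example", "State": "active"}]},
  {"RouteTableId": "rtb-0bbb",
   "Associations": [{"SubnetId": "subnet-0db1", "Main": false}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}]},
  {"RouteTableId": "rtb-0ccc",
   "Associations": [{"Main": true}],
   "Routes": [
     {"DestinationPrefixListId": "pl-0example", "GatewayId": "vpce-0example", "State": "active"}]}
]}
""")

def has_endpoint_route(table, endpoint_id):
    """True if the table has an active prefix-list route targeting the endpoint."""
    return any(
        r.get("GatewayId") == endpoint_id
        and "DestinationPrefixListId" in r  # gateway endpoint routes use a prefix list
        and r.get("State") == "active"
        for r in table.get("Routes", [])
    )

def audit(route_tables, endpoint_id):
    """Split explicitly associated subnets by whether their table reaches the endpoint."""
    covered, uncovered = [], []
    for table in route_tables["RouteTables"]:
        bucket = covered if has_endpoint_route(table, endpoint_id) else uncovered
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:  # the main-table association carries no SubnetId
                bucket.append((assoc["SubnetId"], table["RouteTableId"]))
    return sorted(covered), sorted(uncovered)

if __name__ == "__main__":
    covered, uncovered = audit(SAMPLE, "vpce-0example")
    for subnet, rtb in covered:
        print(f"OK    {subnet} via {rtb}")
    for subnet, rtb in uncovered:
        print(f"MISS  {subnet} via {rtb}: no active route to vpce-0example")
```

Subnets with no explicit association use the VPC's main route table, so they do not appear in either list and need to be checked against that table separately.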
