Connecting to an S3 bucket through a VPC endpoint in AWS can help you access objects in the bucket quickly. A VPC endpoint connects your VPC privately to supported AWS services; it doesn’t require public IP addresses, access over the Internet, a NAT device, a VPN connection, or AWS Direct Connect. A VPC endpoint policy is an IAM resource policy attached to an endpoint to control access from the endpoint to the specified service. By default, it allows full access to the service.
Connect S3 Bucket via VPC Endpoint
We have two public and private subnets within the VPC. One of the public EC2 instances wants to access the S3 bucket. The public EC2 instance will first go to the internet, then to Amazon S3, and get the object. But if your private EC2 instance wants to get an object from S3, it won’t be able to do so, because it has a private IP.
An application running on EC2 instances processes sensitive information stored on Amazon S3. The information is accessed over the Internet. If you are concerned that the Internet connectivity to Amazon S3 is a security risk, in that scenario you can go with a VPC endpoint.
- Search for "endpoint" in your AWS search box.
- Click on Create endpoint.
- Select the service category AWS services and search for the S3 gateway.
- Select your VPC and the route table you want to add the endpoint to.
- Set the policy to full access or custom.
- Click on Create.
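The same steps as an AWS CLI call, using a custom endpoint policy scoped to one bucket instead of full access. This is an added example, not part of the original post; the function names, the `OneBucketOnly` Sid, and the IDs in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: function names and all IDs below are placeholders.

# Print a custom endpoint policy that allows access to one bucket only.
# "Full access" in the console corresponds to Action "*" on Resource "*".
endpoint_policy() {
  bucket="$1"
  # Reject empty names and characters outside the S3 bucket-name alphabet,
  # so the value cannot break out of the JSON string.
  case "$bucket" in
    ''|*[!a-z0-9.-]*) echo "invalid bucket name" >&2; return 1 ;;
  esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "OneBucketOnly",
      "Effect": "Allow",
      "Principal": "*",
      "Action": ["s3:ListBucket", "s3:GetObject", "s3:PutObject"],
      "Resource": ["arn:aws:s3:::${bucket}", "arn:aws:s3:::${bucket}/*"]
    }
  ]
}
EOF
}

# Create the S3 gateway endpoint and attach it to one route table.
create_s3_gateway_endpoint() {
  vpc_id="$1"; route_table_id="$2"; bucket="$3"; region="$4"
  policy="$(endpoint_policy "$bucket")" || return 1
  aws ec2 create-vpc-endpoint \
    --region "$region" \
    --vpc-id "$vpc_id" \
    --vpc-endpoint-type Gateway \
    --service-name "com.amazonaws.${region}.s3" \
    --route-table-ids "$route_table_id" \
    --policy-document "$policy"
}

# Usage (placeholder IDs):
#   create_s3_gateway_endpoint vpc-EXAMPLE rtb-EXAMPLE example-bucket us-east-1
# This policy does not grant s3:ListAllMyBuckets, so a bare "aws s3 ls" is not
# allowed through the endpoint; list one bucket: aws s3 ls s3://example-bucket
```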
So we have used the “aws s3 ls” command to list the S3 buckets. We don’t have any bucket created, so it shows nothing. Let’s create a bucket.
I hope you are now able to connect an S3 bucket via a VPC endpoint in AWS.
Curious to learn more about this? Please visit: https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-service.html