How to Create AWS VPC Endpoints? A Step-By-Step Guide
The following is a step-by-step guide for creating AWS VPC endpoints:
Step 1: Log in to the AWS Management Console
- Go to the AWS Management Console and log in with your credentials.
- After logging in to your account, you land on the Console Home.
Step 2: Navigate to AWS VPC Dashboard
- Search for “AWS VPC” in the search bar.
- Clicking on AWS VPC takes you to the AWS VPC Dashboard page.
Step 3: Select Endpoints from the Navigation Pane
- In the VPC Dashboard, locate the “Endpoints” option in the navigation pane.
- Choose VPC Endpoints in the left panel, then click Create Endpoint.
Step 4: Create Endpoint
- Clicking the Create Endpoint button starts the endpoint creation process.
Step 5: Choose Service
Select the AWS service for which you want to create a VPC endpoint. It can be any AWS service, such as Amazon S3, AWS DynamoDB or others. Here we choose Amazon S3 in particular: “com.amazonaws.ap-south-1.s3”.
Step 6: Configure Endpoint
- Configure the endpoint settings, including the VPC and subnet where the endpoint should reside and any security groups to attach to the endpoint.
- Update the policy if you want to restrict access through this endpoint; otherwise leave Full Access. Click Create.
- After attaching the endpoint to the route tables, the subnets associated with those route tables will have access to S3.
Step 7: Review and Create
- Now we can create an EC2 instance in the VPC, in a subnet whose route table has the Amazon S3 endpoint route, and interact with the S3 service from it. Instead of traversing a public IP address (the internet), the traffic goes through the VPC endpoint.
Step 8: Verify Endpoint Creation
- Once the endpoint has been created, verify its status in the Endpoints dashboard. It should show as “Available” if the creation was successful.
Step 9: Test Endpoint
- Finally, test the endpoint by accessing the associated AWS service from resources within your VPC. If you configured it correctly, the endpoint should allow secure and private communication with the AWS service without requiring internet access.
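The "restrict access" choice in Step 6 is the endpoint policy, and it is the control that decides which buckets and actions can be reached through the endpoint at all. As an added example that is not part of the original article, the Python below builds a least-privilege policy for the S3 gateway endpoint next to the default Full Access document and runs a simplified evaluator over both; the bucket name and request ARNs are constructed placeholders, and the evaluator ignores Condition keys.

```python
"""Compare the default Full Access endpoint policy with a restricted one.

Constructed example: bucket names and ARNs below are placeholders, not
values from any real account. Evaluation is simplified IAM semantics
(explicit Deny wins, then any matching Allow); Conditions are not handled.
"""
import fnmatch
import json

# What the console attaches when you leave "Full Access" in Step 6.
FULL_ACCESS_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}],
}


def restricted_endpoint_policy(bucket: str) -> dict:
    """Endpoint policy that only allows object reads/writes and listing of one bucket."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": "*",
            "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
            "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
        }],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def is_allowed(policy: dict, action: str, resource: str) -> bool:
    """Return True if the policy permits `action` on `resource`.

    Action names compare case-insensitively, as IAM does; '*' and '?'
    wildcards in Action and Resource are honoured via fnmatch.
    """
    allowed = False
    for stmt in policy["Statement"]:
        act_ok = any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in _as_list(stmt["Action"]))
        res_ok = any(fnmatch.fnmatchcase(resource, p) for p in _as_list(stmt["Resource"]))
        if act_ok and res_ok:
            if stmt["Effect"] == "Deny":
                return False  # explicit Deny always wins
            allowed = True
    return allowed


if __name__ == "__main__":
    # Print the restricted document in the form the console's policy editor expects.
    print(json.dumps(restricted_endpoint_policy("app-data-example"), indent=2))
```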
AWS VPC Endpoint
Suppose you deploy your application in an AWS VPC that has no internet connection by default, and the application needs to communicate with the S3 service to read and write files. In this scenario, to let the application reach S3, we need a route to the public internet using a NAT Gateway, an Internet Gateway, or AWS Direct Connect. What if you don’t want any request made from inside this application to go through the internet? This is where the concept of VPC Endpoints comes in.
Table of Contents
- What are AWS VPC Endpoints?
- AWS VPC Endpoints Architecture
- Types of VPC Endpoints
- What are shared Subnets?
- How to Create AWS VPC Endpoints? A Step-By-Step Guide
- What Are Service Providers?
- What Are Service Consumers?
- What are AWS PrivateLink Connections?
- What are Private Hosted Zones?
- AWS VPC Services List
- AWS VPC Endpoint Pricing
- AWS VPC Endpoint vs Endpoint Service
- Examples of AWS VPC Endpoint
- AWS VPC EndPoint – FAQs