
Steps to create VPC Endpoint for Amazon S3

In this blog, we will show you the steps to create a VPC Endpoint for Amazon S3.

VPC ENDPOINT OVERVIEW

  • When we transfer files from EC2 to S3, the traffic goes through the Internet.
  • We can also transfer files from EC2 to S3 over internal traffic when both resources are in the same region.
  • Two types of endpoints are available in the AWS environment: Gateway and Interface.
  • Earlier, when an EC2 instance tried to access public resources like S3, the traffic had to pass through an Internet Gateway or a NAT Gateway.
  • To simplify this approach, AWS introduced a feature called VPC Endpoint.
  • A VPC Endpoint provides highly reliable and secure connections to services like S3.
  • An EC2 instance within a private VPC can now connect to such services without a NAT Gateway.

DEMO ENVIRONMENT OVERVIEW

  • We have 1 VPC and 2 subnets, named Public subnet and Internal Subnet, in different availability zones.

  • We have added the internet gateway only for the Public subnet.

  • Also, there is no internet connectivity for the Internal subnet.

  • We have also created two EC2 instances, one with a Public IP.

  • The other one has only an Internal IP.

  • We will use the Jump-server as a proxy to connect to the Internal-Windows instance.

CREATING THE ENDPOINT

  • Go to the VPC Dashboard and click on Endpoints under Virtual Private Cloud.

  • Click on the Create Endpoint button.

  • Select the service category as AWS services and service name as com.amazonaws.ap-south-1.s3.

  • Select the correct VPC from the drop-down list.

  • Select the routing table for which only internal access should be enabled. In our case, we select the Internal Subnet routing table.

  • Leave the default policy settings and click on Create Endpoint.

  • The endpoint is created successfully.

  • Also, there will be a new entry in the routing table for this internal subnet.
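
The steps above leave the default endpoint policy in place and rely on a new route appearing in the Internal Subnet routing table. As an added example (not part of the original post), the following check reads JSON shaped like the output of `aws ec2 describe-vpc-endpoints` and `aws ec2 describe-route-tables` and reports whether the endpoint route exists, whether the internal table has any internet path, and whether the endpoint policy is still unrestricted. The IDs, the `audit` function name and the sample data are constructed assumptions.

```python
import json

# Constructed sample data shaped like `aws ec2 describe-vpc-endpoints` and
# `aws ec2 describe-route-tables` output; every ID is a placeholder.
ENDPOINTS = {"VpcEndpoints": [{
    "VpcEndpointId": "vpce-EXAMPLE", "VpcEndpointType": "Gateway",
    "ServiceName": "com.amazonaws.ap-south-1.s3", "State": "available",
    "RouteTableIds": ["rtb-INTERNAL"],
    # Assumed shape of the default (full-access) endpoint policy.
    "PolicyDocument": json.dumps({"Version": "2008-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]}),
}]}
ROUTE_TABLES = {"RouteTables": [{
    "RouteTableId": "rtb-INTERNAL",
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationPrefixListId": "pl-EXAMPLE", "GatewayId": "vpce-EXAMPLE"},
    ],
}]}


def audit(endpoints, route_tables, service, rtb_id):
    """Return a list of findings for the S3 gateway endpoint on one route table."""
    findings = []
    rtb = next((t for t in route_tables["RouteTables"]
                if t["RouteTableId"] == rtb_id), None)
    if rtb is None:
        return [f"route table {rtb_id} not found"]
    routes = rtb.get("Routes", [])
    # The internal subnet must have no path to an internet or NAT gateway.
    for r in routes:
        if (r.get("GatewayId") or "").startswith("igw-") or r.get("NatGatewayId"):
            findings.append("internet route present in internal route table")
    eps = [e for e in endpoints["VpcEndpoints"]
           if e["ServiceName"] == service and e["VpcEndpointType"] == "Gateway"
           and rtb_id in e.get("RouteTableIds", [])]
    if not eps:
        return findings + ["no gateway endpoint associated with route table"]
    for ep in eps:
        # Creating the endpoint should add a prefix-list route targeting it.
        if not any(r.get("GatewayId") == ep["VpcEndpointId"]
                   and r.get("DestinationPrefixListId") for r in routes):
            findings.append("endpoint route missing from route table")
        for st in json.loads(ep["PolicyDocument"]).get("Statement", []):
            if (st.get("Effect") == "Allow" and st.get("Action") in ("*", ["*"])
                    and st.get("Resource") in ("*", ["*"])):
                findings.append("endpoint policy allows all actions on all resources")
    return findings
```

With the sample data, the only finding is the unrestricted endpoint policy; scoping the policy to the buckets the internal instance needs clears it.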

VERIFICATION

  • We access the Internal-Windows instance from the Jump-server through RDP.

  • Also, you have to configure your AWS IAM account before accessing the S3 bucket.

  • Open the command prompt and type the command below to list the buckets available in your S3.

Syntax: aws s3 ls --region <your region name>

Example: aws s3 ls --region ap-south-1

  • We are able to see the list of buckets available in S3. Type the command below to list the files inside a bucket.

Syntax: aws s3 ls s3://<bucket name> --region <your region name>

Example: aws s3 ls s3://internalbucket-1 --region ap-south-1

Thanks for reading this blog. We hope it was useful for you to learn about creating VPC Endpoint for Amazon S3.
