VPC Endpoints - vedratna/aws-learning GitHub Wiki

It is used to call/reference aws services inside aws VPC. Mainly used inside private subnet to use aws services endpoints without going to Internet. There are two types of VPC endpoints available.

• Gateway Endpoints: This is regional and highly available. You need to create only one per service in a region. Only s3 and dynamodb support it.
• Interface Endpoints (Private Link):

• This is nothing but ENI that points to private IP address of aws service.
• Because it is ENI, it would be single AZ and not highly available. You need to have separate Interface Endpoints for each AZ.
• Generally Interface Endpoints have separate url to connect to aws service endpoint than public endpoints.
• Public endpoints of aws services map to public IP and hence goes to Internet for connectivity. However you can enable private DNS while creating Interface endpoint, that map public endpoint to private IP address and doesn't need Internet for connectivity even through public endpoint.