AWS provides two types of VPC endpoints that let resources in your VPC reach supported AWS services privately, without an internet gateway, NAT device, VPN connection, or AWS Direct Connect: the traffic stays on the AWS network and never traverses the public internet. Both types accept an endpoint policy (an IAM-style resource policy) that limits what can be reached through the endpoint. The two types are:
1. Interface Endpoints
- Description:
Interface endpoints (powered by AWS PrivateLink) place Elastic Network Interfaces (ENIs) in subnets you choose inside your VPC, and the service is reached through those ENIs.
- How it works:
Each ENI receives a private IP address from its subnet's range, so the service appears as a host inside your VPC. Security groups attach to the ENIs, which lets you restrict which instances may talk to the endpoint. With private DNS enabled, the service's normal public hostname resolves to the endpoint's private IPs and clients need no change; with private DNS disabled, clients must use the endpoint-specific hostname or their requests leave by the public path. Interface endpoints are billed per hour and per GB processed.
- Common Use:
Reaching the bulk of AWS APIs from private subnets, for example the EC2 API, Systems Manager, KMS, CloudWatch and Secrets Manager, and reaching services from on-premises networks over VPN or Direct Connect, which gateway endpoints cannot serve (S3 also offers an interface endpoint for that case).
- Supported AWS Services:
A wide range, including API Gateway, CloudWatch and most other AWS services, plus third-party services published over PrivateLink.
2. Gateway Endpoints
- Description:
Gateway endpoints are targets in VPC route tables; no ENI is created in your subnets.
- How it works:
When you create the endpoint you associate it with one or more route tables, and AWS adds a route whose destination is the service's managed prefix list (the service's public IP ranges in that Region) and whose target is the endpoint. Only subnets whose route table carries that route use the endpoint; the others still reach the service through a NAT gateway or internet gateway. Security groups do not apply to gateway endpoints, so access is controlled with the endpoint policy and the bucket or table policy (for example an S3 bucket policy conditioned on aws:sourceVpce). Gateway endpoints are free of charge and cannot be used from outside the VPC (on-premises networks, peered VPCs, Transit Gateway attachments).
- Common Use:
Primarily the bulk data path from the VPC to Amazon S3 and DynamoDB.
- Supported AWS Services:
Limited to S3 and DynamoDB only.
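The three things that most often go wrong with the two endpoint types above are the endpoint policy left at AWS's default "allow everything", a gateway endpoint associated with only some of the route tables (so part of the VPC quietly goes out via NAT), and an interface endpoint with private DNS disabled (so unmodified clients bypass it). The following is an added example, not code from the original page or from AWS: it runs offline over constructed sample data shaped like the output of `aws ec2 describe-vpc-endpoints` and `aws ec2 describe-route-tables` (all IDs, prefix-list IDs and bucket names are assumed), flags those three conditions, and builds the two policies that lock the S3 path down: a least-privilege endpoint policy and a bucket policy that denies requests not arriving through the endpoint.

```python
import json

# Constructed sample data (assumed IDs, not from the page), shaped like the JSON
# that `aws ec2 describe-vpc-endpoints` and `aws ec2 describe-route-tables` return.
S3_GATEWAY = "vpce-0a1b2c3d4e5f60001"
SSM_IFACE = "vpce-0a1b2c3d4e5f60002"
DEFAULT_POLICY = {"Version": "2008-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]}

ENDPOINTS = [
    {   # Gateway endpoint for S3: wired into only one route table, default policy kept.
        "VpcEndpointId": S3_GATEWAY, "VpcEndpointType": "Gateway",
        "ServiceName": "com.amazonaws.us-east-1.s3",
        "RouteTableIds": ["rtb-0aaa"],
        "PolicyDocument": json.dumps(DEFAULT_POLICY),
    },
    {   # Interface endpoint for SSM with private DNS off: ssm.us-east-1.amazonaws.com
        # still resolves to public IPs, so unmodified clients bypass the endpoint.
        "VpcEndpointId": SSM_IFACE, "VpcEndpointType": "Interface",
        "ServiceName": "com.amazonaws.us-east-1.ssm",
        "SubnetIds": ["subnet-0aaa", "subnet-0bbb"], "PrivateDnsEnabled": False,
        "PolicyDocument": json.dumps({"Version": "2012-10-17", "Statement": [
            {"Effect": "Allow", "Principal": "*", "Action": "ssm:*", "Resource": "*"}]}),
    },
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-0aaa", "Associations": [{"SubnetId": "subnet-0aaa"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                # S3 managed prefix list (assumed pl- ID) routed to the gateway endpoint
                {"DestinationPrefixListId": "pl-0123456789abcdef0", "GatewayId": S3_GATEWAY}]},
    {"RouteTableId": "rtb-0bbb", "Associations": [{"SubnetId": "subnet-0bbb"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0ccc"}]},
]


def is_default_full_access(policy_document: str) -> bool:
    """True when the endpoint still carries AWS's default policy (Allow * on * for any principal)."""
    for st in json.loads(policy_document).get("Statement", []):
        if (st.get("Effect") == "Allow" and st.get("Principal") == "*"
                and st.get("Action") == "*" and st.get("Resource") == "*"):
            return True
    return False


def subnets_without_route(endpoint: dict, route_tables: list) -> list:
    """Subnets whose route table has no route targeting this gateway endpoint; their
    traffic to the service goes out via NAT/IGW and fails any aws:sourceVpce condition."""
    vpce = endpoint["VpcEndpointId"]
    missing = []
    for rt in route_tables:
        if not any(r.get("GatewayId") == vpce for r in rt["Routes"]):
            missing += [a["SubnetId"] for a in rt["Associations"] if "SubnetId" in a]
    return sorted(missing)


def audit(endpoints: list, route_tables: list) -> list:
    """Return human-readable findings for the three misconfigurations described above."""
    findings = []
    for ep in endpoints:
        eid = ep["VpcEndpointId"]
        if is_default_full_access(ep["PolicyDocument"]):
            findings.append(f"{eid}: default full-access endpoint policy")
        if ep["VpcEndpointType"] == "Gateway":
            for sn in subnets_without_route(ep, route_tables):
                findings.append(f"{eid}: {sn} has no route via this gateway endpoint")
        elif ep["VpcEndpointType"] == "Interface" and not ep.get("PrivateDnsEnabled"):
            findings.append(f"{eid}: private DNS disabled, default hostnames bypass it")
    return findings


def s3_endpoint_policy(bucket_arns: list) -> dict:
    """Least-privilege replacement for the default gateway endpoint policy: only the
    listed buckets are reachable through the endpoint. Keep Principal as "*" and narrow
    the callers with conditions such as aws:PrincipalAccount or aws:PrincipalArn."""
    resources = [r for b in bucket_arns for r in (b, b + "/*")]
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "OnlyApprovedBuckets", "Effect": "Allow", "Principal": "*",
        "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
        "Resource": resources}]}


def bucket_policy_require_vpce(bucket_arn: str, vpce_id: str) -> dict:
    """Bucket-side counterpart: deny any request that did not arrive through the endpoint."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyUnlessFromVpce", "Effect": "Deny", "Principal": "*",
        "Action": "s3:*", "Resource": [bucket_arn, bucket_arn + "/*"],
        "Condition": {"StringNotEquals": {"aws:sourceVpce": vpce_id}}}]}


if __name__ == "__main__":
    for line in audit(ENDPOINTS, ROUTE_TABLES):
        print("FINDING", line)
    bucket = "arn:aws:s3:::example-data-bucket"  # assumed bucket name
    print(json.dumps(s3_endpoint_policy([bucket]), indent=2))
    print(json.dumps(bucket_policy_require_vpce(bucket, S3_GATEWAY), indent=2))
```

On the sample data the audit reports the default policy and the missing route for the S3 gateway endpoint and the disabled private DNS on the SSM interface endpoint. Two caveats before applying the generated policies: the Deny-unless-sourceVpce bucket policy also locks out the console, CI runners and administrators working outside the VPC, so add an exception for those principals (or an aws:PrincipalArn carve-out) and try it on a non-production bucket first; and the route check only covers gateway endpoints, since interface endpoints are reached by DNS rather than by route table entries.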
[Image: the two types of AWS VPC endpoints, Interface Endpoints and Gateway Endpoints, and how each connects the VPC to AWS services.]