Can you use a signed URL with S3 VPC Endpoint?

1

Would traffic to S3 using a signed URL from an EC2 instance in a private subnet need to go over an established NAT Gateway / IGW, or could it use the S3 VPC endpoint?

AWS
jer
gefragt vor 8 Jahren3426 Aufrufe
1 Antwort
1
Akzeptierte Antwort

Yes. Access to objects stored in S3 accessed via a Signed URL work fine without a NAT Gateway or IGW if you have a VPC Endpoint for S3 configured and in use the the associated Route Table for the subnet.

Easy to verify by quickly building a VPC with Public & Private Subnets, bastion instance in Public Subnet, Isolated Instance in Private Subnet. Configure VPC Endpoint for S3 to be used by Private Subnets. Generate a signed URL for an object and try to use wget to retrieve it. Works fine.

AWS
EXPERTE
beantwortet vor 8 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen