Can you use a signed URL with S3 VPC Endpoint?
1
Would traffic to S3 using a signed URL from an EC2 instance in a private subnet need to go over an established NAT Gateway / IGW, or could it use the S3 VPC endpoint?
Sprache
English
gefragt vor 8 Jahren2893 Aufrufe
1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
1
Yes. Access to objects stored in S3 accessed via a Signed URL work fine without a NAT Gateway or IGW if you have a VPC Endpoint for S3 configured and in use the the associated Route Table for the subnet.
Easy to verify by quickly building a VPC with Public & Private Subnets, bastion instance in Public Subnet, Isolated Instance in Private Subnet. Configure VPC Endpoint for S3 to be used by Private Subnets. Generate a signed URL for an object and try to use wget to retrieve it. Works fine.
Relevanter Inhalt
AWS OFFICIALAktualisiert vor 2 Jahren- AWS OFFICIALAktualisiert vor 2 Jahren