Can you use a signed URL with S3 VPC Endpoint?

1

Would traffic to S3 using a signed URL from an EC2 instance in a private subnet need to go over an established NAT Gateway / IGW, or could it use the S3 VPC endpoint?

AWS
jer
preguntada hace 8 años3411 visualizaciones
1 Respuesta
1
Respuesta aceptada

Yes. Access to objects stored in S3 accessed via a Signed URL work fine without a NAT Gateway or IGW if you have a VPC Endpoint for S3 configured and in use the the associated Route Table for the subnet.

Easy to verify by quickly building a VPC with Public & Private Subnets, bastion instance in Public Subnet, Isolated Instance in Private Subnet. Configure VPC Endpoint for S3 to be used by Private Subnets. Generate a signed URL for an object and try to use wget to retrieve it. Works fine.

AWS
EXPERTO
respondido hace 8 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas