Can you use a signed URL with S3 VPC Endpoint?
1
Would traffic to S3 using a signed URL from an EC2 instance in a private subnet need to go over an established NAT Gateway / IGW, or could it use the S3 VPC endpoint?
質問済み 8年前2892ビュー
1回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
Yes. Access to objects stored in S3 accessed via a Signed URL work fine without a NAT Gateway or IGW if you have a VPC Endpoint for S3 configured and in use the the associated Route Table for the subnet.
Easy to verify by quickly building a VPC with Public & Private Subnets, bastion instance in Public Subnet, Isolated Instance in Private Subnet. Configure VPC Endpoint for S3 to be used by Private Subnets. Generate a signed URL for an object and try to use wget to retrieve it. Works fine.
関連するコンテンツ
AWS公式更新しました 2年前
