Route tables for Using Amazon Managed Prometheus with interface VPC endpoints
Hi guys,
My team is looking to setup EKS cluster in private subnet in VPC in US-east-2 region while we need to setup monitoring that EKS Cluster, I used to Amazon Managed Prometheus (AMP) and Amazon Managed Grafana. We have considered two approaches:
Option 1: Setup a private subnet in VPC through NAT gateway. This solution is work well.
Option 2: I follow guide https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-and-interface-VPC.html but not working. Interface VPC Endpoint to Amazon Managed Prometheus (AMP). I think I have to config routes table follow picture bellow but I don't see Destination of AMP. Can somebody help me please? Thanks
- 新しい順
- 投票が多い順
- コメントが多い順
Interface endpoints for AWS services do not show up as a destination in a route table. Instead, they appear as network interfaces in your VPC. In this case, your VPC has a 10.194.0.0/16 address; the endpoints will have IP addresses in that range.
To use the endpoints you must use the appropriate DNS name for the endpoint. This is mentioned in the documentation page you link to above: You need to set up your application to use that name which will be com.amazonaws.region.aps-workspaces or com.amazonaws.region.aps depending on what you're trying to do. The DNS names will resolve to the 10.194.x.x address in your VPC and from there it will work as expected.
Hi @Brettski@AWS,
I try it but invalid Destination
Please suggest me Another solution.
No, you cannot route to an Interface Endpoint. In your application, put the private DNS name of the endpoint as it is displayed in the console (where you created the endpoint). For example, if you're using Python and boto3 you must specify the
endpoint_urlas per the documentation.
invalid Destination. Please see picture below my answer.