Pricing for traffic within a region EC2 <-> S3

0

Hello, I need to connect multiple S3 buckets to my EC2 instance. The buckets and the ec2-instance are in the same region (eu-central-1).

According to the price list, internal data traffic between EC2 and S3 in the same region is free. Correct?

Which address is required internally? Also, s3.eu-central-1.amazonaws.com?

Hacky
Asked 5 months ago · 247 views
3 Answers
0

Ok, thanks for the detailed answer.

I don't have much experience with VPC endpoints yet.

I create an endpoint to com.amazonaws.eu-central-1.s3 as gateway and what happens next?

How can I then access S3 from my EC2-instance via the endpoint?

Hacky
Answered 5 months ago
  • Lots of detail in here, but it's worth persevering with https://aws.amazon.com/blogs/architecture/choosing-your-vpc-endpoint-strategy-for-amazon-s3/

    Without endpoints, EC2's access to the bucket goes out to the internet gateway (possibly via NAT Gateway), and from there across the public internet to the bucket. All uploads and downloads have to take that path.

    With an endpoint, it's as if the bucket is another resource in your VPC. Everything remains within AWS and never touches the public internet.

0

Ok, I read the article and that's how I understand it:

  1. I create an endpoint in my VPC, type: gateway s3.eu-central-1
  2. I change my routing table with the CIDRs of the S3-service in eu-central-1.
  3. Any s3 data traffic from my ec2-instance is routed directly internally via the VPC and the S3 gateway.

From my instance, I make a "ping" to s3.eu-central-1.amazonaws.com. Now, ping gives me an IP address. The IP address is contained in the routing table.

How can I still check whether the traffic is really routed internally and not via the Internet gateway?

And, configuration ok?

Hacky
Answered 5 months ago
  • Hello Hacky,

    To check whether the traffic is flowing through VPC Endpoint or not, please refer to: https://repost.aws/knowledge-center/vpc-check-traffic-flow.

    Also if you have followed the steps provided by Steve, then your configuration will be OK. Without reviewing the config it is hard to say if it is correct or not.
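
One way to check the route-table side of the question above offline, as an added example that is not part of the original thread: a gateway endpoint shows up in the route table as a route whose destination is a prefix list (`pl-…`) and whose target is the endpoint (`vpce-…`), and the VPC picks the most specific matching route. The function names, IDs and CIDRs below are constructed placeholders; real values come from `aws ec2 describe-route-tables` and `aws ec2 get-managed-prefix-list-entries`.

```python
import ipaddress

# Constructed sample shaped like the "Routes" list of describe-route-tables.
ROUTES = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"},
    {"DestinationPrefixListId": "pl-EXAMPLE", "GatewayId": "vpce-EXAMPLE"},
]
# Constructed CIDRs standing in for the entries of the S3 prefix list.
PREFIX_LISTS = {"pl-EXAMPLE": ["198.51.100.0/24", "203.0.113.0/25"]}


def next_hop(ip, routes, prefix_lists):
    """Return the target of the most specific route matching ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None  # (prefix length, target)
    for route in routes:
        if "DestinationPrefixListId" in route:
            # Expand the prefix list into the CIDRs it currently contains.
            cidrs = prefix_lists.get(route["DestinationPrefixListId"], [])
        elif "DestinationCidrBlock" in route:
            cidrs = [route["DestinationCidrBlock"]]
        else:
            continue  # e.g. an IPv6-only route
        target = route.get("GatewayId") or route.get("NatGatewayId") or "other"
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if addr.version == net.version and addr in net:
                # Longest prefix wins, as in VPC route evaluation.
                if best is None or net.prefixlen > best[0]:
                    best = (net.prefixlen, target)
    return best[1] if best else None


def uses_gateway_endpoint(ip, routes, prefix_lists):
    """True when traffic to ip leaves the subnet through a vpce- target."""
    hop = next_hop(ip, routes, prefix_lists)
    return hop is not None and hop.startswith("vpce-")


if __name__ == "__main__":
    # Resolved S3 address (constructed) and one outside the prefix list.
    for ip in ("198.51.100.20", "203.0.113.200"):
        print(ip, "->", next_hop(ip, ROUTES, PREFIX_LISTS))
```

An address that resolves for the S3 endpoint but falls outside the prefix list, or a subnet whose route table lacks the `pl-…` route, ends up on the internet gateway route instead.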

0

Hello Hacky,

If you are transferring the data to S3 bucket directly using the DNS address, then regardless of the location of the bucket, you will be charged for data transfer as EC2 has data transfer out charges as the data transfer will be considered as transfer out to internet. The pricing details are here.

However to eliminate the data transfer out charges, you can set up a VPC endpoint for your S3 bucket. That will ensure that the traffic flows over AWS network and remains secure.

AWS
mukul
Answered 5 months ago
Expert
Reviewed 5 months ago
