
Restricting AWS Service Access with VPC Endpoint Policies


We're using S3 and Bedrock from our production VPC, and the security team has asked us to restrict the resources and actions callable through VPC Endpoints to the minimum necessary privileges.

For example, we want the S3 VPC Endpoint to only allow access to specific buckets, and the Bedrock VPC Endpoint to only allow inference API calls for specific models. Is this achievable with VPC Endpoint Policies?

1 answer

Accepted answer

Yes, VPC Endpoint Policies allow you to granularly restrict the resources and actions for API calls passing through the endpoint.

It's important to understand that VPC Endpoint Policies don't replace IAM policies — they act as an additional filter. A call must be allowed by both the IAM policy and the VPC Endpoint Policy to succeed.

Example 1: S3 Gateway Endpoint — Allow Only a Specific Bucket

Apply the following policy to the S3 Gateway Endpoint:

  • Action: s3:GetObject, s3:PutObject, s3:ListBucket
  • Resource: arn:aws:s3:::my-prod-data-bucket and arn:aws:s3:::my-prod-data-bucket/*
  • This ensures that no bucket other than my-prod-data-bucket can be accessed through this VPC's S3 Endpoint. Even if IAM grants permissions to other buckets, the Endpoint Policy blocks them.

Example 2: Bedrock Runtime Interface Endpoint — Allow Only Specific Models

Apply the following policy to the com.amazonaws.<region>.bedrock-runtime endpoint:

  • Action: bedrock:InvokeModel, bedrock:InvokeModelWithResponseStream, bedrock:Converse, bedrock:ConverseStream
  • Resource: Specify only specific model ARNs (e.g., anthropic.claude-sonnet-4-20250514-v1:0, amazon.titan-embed-text-v2:0)

Important Notes

  • When you write an Endpoint Policy as Allow-based (allowlist), all resources/actions not explicitly allowed are implicitly denied.
  • If using Cross-Region Inference Profiles, the Resource ARN takes the form arn:aws:bedrock:<region>:<account-id>:inference-profile/*, which must be allowed separately.
  • For S3 Gateway Endpoints, adding the aws:sourceVpce condition key to the S3 Bucket Policy lets you restrict access on the bucket side to only allow traffic through that specific VPC Endpoint.
  • Endpoint Policy changes may take a few seconds to a few minutes to propagate. Wait briefly before testing.
  • If you're currently running with a Full Access policy (Allow *), suddenly applying a restrictive policy can cause service outages. It's recommended to first analyze actual call patterns in CloudTrail, then add only the necessary actions/resources to the allow list.
AWS

Answered 2 months ago

Expert

Reviewed 2 months ago
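The two endpoint policies the answer describes, written out as complete JSON documents together with the bucket-side aws:sourceVpce counterpart from the notes, plus a small evaluator that shows the "IAM and endpoint policy must both allow" rule. This is an added example, not code from the original answer or from AWS; the account ID, region, bucket name, endpoint ID and the foundation-model ARN layout are placeholders (assumptions), and the evaluator does not evaluate Condition blocks.

```python
"""Build VPC endpoint policies for S3 and Bedrock Runtime and sanity-check them.

Added example, not from the original post. Account ID, region, bucket name,
endpoint ID and model ARNs are placeholders (assumptions).
"""
import fnmatch
import json

REGION = "us-east-1"                 # assumption
ACCOUNT_ID = "111122223333"          # assumption (placeholder account)
BUCKET = "my-prod-data-bucket"
VPCE_ID = "vpce-0123456789abcdef0"   # assumption (placeholder endpoint ID)

# Example 1: S3 Gateway Endpoint policy restricted to a single bucket.
S3_ENDPOINT_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowOnlyProdDataBucket",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
        "Resource": [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"],
    }],
}

# Example 2: Bedrock Runtime Interface Endpoint policy restricted to two
# foundation models plus this account's inference profiles (cross-region case).
BEDROCK_ENDPOINT_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowOnlyApprovedModels",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream",
                   "bedrock:Converse", "bedrock:ConverseStream"],
        "Resource": [
            f"arn:aws:bedrock:{REGION}::foundation-model/anthropic.claude-sonnet-4-20250514-v1:0",
            f"arn:aws:bedrock:{REGION}::foundation-model/amazon.titan-embed-text-v2:0",
            f"arn:aws:bedrock:{REGION}:{ACCOUNT_ID}:inference-profile/*",
        ],
    }],
}

# Bucket-side counterpart: deny any request that did not arrive via our endpoint.
S3_BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "DenyUnlessFromProdVpce",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:*",
        "Resource": [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"],
        "Condition": {"StringNotEquals": {"aws:sourceVpce": VPCE_ID}},
    }],
}


def _as_list(v):
    return v if isinstance(v, list) else [v]


def policy_allows(policy, action, resource):
    """Evaluate an endpoint policy the way IAM does: an explicit Deny wins, any
    matching Allow permits, and everything else is implicitly denied.
    '*' and '?' wildcards are honoured; Condition blocks are not supported."""
    allowed = False
    for stmt in policy["Statement"]:
        if "Condition" in stmt:
            raise NotImplementedError("conditions are not evaluated by this toy")
        hit = (any(fnmatch.fnmatchcase(action, a) for a in _as_list(stmt["Action"]))
               and any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"])))
        if not hit:
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def effective_decision(iam_allows, endpoint_policy, action, resource):
    """A call through the endpoint succeeds only if IAM *and* the endpoint policy allow it."""
    return iam_allows and policy_allows(endpoint_policy, action, resource)


def render_documents():
    """JSON files for `aws ec2 modify-vpc-endpoint --policy-document file://...`
    and `aws s3api put-bucket-policy --policy file://...`."""
    return {
        "s3-endpoint-policy.json": json.dumps(S3_ENDPOINT_POLICY, indent=2),
        "bedrock-endpoint-policy.json": json.dumps(BEDROCK_ENDPOINT_POLICY, indent=2),
        "bucket-policy.json": json.dumps(S3_BUCKET_POLICY, indent=2),
    }


if __name__ == "__main__":
    for name, doc in render_documents().items():
        print(f"# {name}\n{doc}\n")
```

Apply the endpoint documents with `aws ec2 modify-vpc-endpoint --vpc-endpoint-id <vpce-id> --policy-document file://s3-endpoint-policy.json` (and likewise for the Bedrock Runtime endpoint), and the bucket policy with `aws s3api put-bucket-policy`. One caveat on the bucket-side Deny: because it denies every request whose aws:sourceVpce does not match, it also locks out access from outside the VPC, including the console and any CI system, so test it on a non-critical bucket first.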
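The last note in the answer recommends deriving the allow list from actual CloudTrail call patterns before tightening a Full Access endpoint policy. The following added example (not from the original answer or AWS) does that over a handful of constructed CloudTrail-style records: it keeps only events carrying the target endpoint's vpcEndpointId, maps each eventName to the IAM action it exercises, collects the resource ARNs, and flags anything it cannot map for manual review. The records, the eventSource value used for Bedrock Runtime, and the eventName-to-action table are assumptions; the table is deliberately partial.

```python
"""Derive a minimal VPC endpoint allowlist from CloudTrail events.

Added example, not from the original post. SAMPLE_RECORDS are constructed,
not real logs. EVENT_TO_ACTION is a partial table (assumption): CloudTrail
eventNames are API operations, which do not map 1:1 onto IAM actions
(e.g. ListObjectsV2 exercises s3:ListBucket), so unknown events are reported
rather than guessed.
"""
from collections import defaultdict

EVENT_TO_ACTION = {
    ("s3.amazonaws.com", "GetObject"): "s3:GetObject",
    ("s3.amazonaws.com", "HeadObject"): "s3:GetObject",
    ("s3.amazonaws.com", "PutObject"): "s3:PutObject",
    ("s3.amazonaws.com", "ListObjects"): "s3:ListBucket",
    ("s3.amazonaws.com", "ListObjectsV2"): "s3:ListBucket",
    ("bedrock.amazonaws.com", "InvokeModel"): "bedrock:InvokeModel",
    ("bedrock.amazonaws.com", "InvokeModelWithResponseStream"): "bedrock:InvokeModelWithResponseStream",
    ("bedrock.amazonaws.com", "Converse"): "bedrock:Converse",
    ("bedrock.amazonaws.com", "ConverseStream"): "bedrock:ConverseStream",
}

S3_VPCE = "vpce-0123456789abcdef0"        # assumption: the S3 gateway endpoint
BEDROCK_VPCE = "vpce-0fedcba9876543210"   # assumption: the bedrock-runtime endpoint

SAMPLE_RECORDS = [  # constructed sample events in CloudTrail's field layout
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject", "awsRegion": "us-east-1",
     "vpcEndpointId": S3_VPCE,
     "requestParameters": {"bucketName": "my-prod-data-bucket", "key": "reports/q1.csv"}},
    {"eventSource": "s3.amazonaws.com", "eventName": "ListObjectsV2", "awsRegion": "us-east-1",
     "vpcEndpointId": S3_VPCE, "requestParameters": {"bucketName": "my-prod-data-bucket"}},
    # No vpcEndpointId: this call came from outside the VPC and must not widen the allowlist.
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject", "awsRegion": "us-east-1",
     "requestParameters": {"bucketName": "some-other-bucket", "key": "x"}},
    {"eventSource": "bedrock.amazonaws.com", "eventName": "InvokeModel", "awsRegion": "us-east-1",
     "vpcEndpointId": BEDROCK_VPCE, "requestParameters": {"modelId": "amazon.titan-embed-text-v2:0"}},
    {"eventSource": "bedrock.amazonaws.com", "eventName": "Converse", "awsRegion": "us-east-1",
     "vpcEndpointId": BEDROCK_VPCE,
     "requestParameters": {"modelId": "arn:aws:bedrock:us-east-1:111122223333:inference-profile/"
                                      "us.anthropic.claude-sonnet-4-20250514-v1:0"}},
    # Control-plane call with no mapping: surfaced for review instead of being allowed.
    {"eventSource": "bedrock.amazonaws.com", "eventName": "ListFoundationModels", "awsRegion": "us-east-1",
     "vpcEndpointId": BEDROCK_VPCE, "requestParameters": None},
]


def resources_for(record):
    """Translate one record into the resource ARNs an endpoint policy would name."""
    params = record.get("requestParameters") or {}
    if record["eventSource"] == "s3.amazonaws.com":
        bucket = params.get("bucketName")
        return [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"] if bucket else []
    if record["eventSource"] == "bedrock.amazonaws.com":
        model = params.get("modelId")
        if not model:
            return []
        if model.startswith("arn:"):   # inference-profile (or other) ARN passed as-is
            return [model]
        return [f"arn:aws:bedrock:{record['awsRegion']}::foundation-model/{model}"]
    return []


def build_allowlist(records, vpce_id):
    """Return ({action: sorted resource ARNs}, sorted unmapped (eventSource, eventName))
    for the calls that went through the given endpoint."""
    allow = defaultdict(set)
    unmapped = set()
    for rec in records:
        if rec.get("vpcEndpointId") != vpce_id:
            continue
        key = (rec["eventSource"], rec["eventName"])
        action = EVENT_TO_ACTION.get(key)
        if action is None:
            unmapped.add(key)
            continue
        allow[action].update(resources_for(rec))
    return {a: sorted(r) for a, r in allow.items()}, sorted(unmapped)


def render_policy(allowlist):
    """Collapse the observed allowlist into a single Allow-only endpoint policy."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ObservedCallsOnly",
            "Effect": "Allow",
            "Principal": "*",
            "Action": sorted(allowlist),
            "Resource": sorted({r for rs in allowlist.values() for r in rs}),
        }],
    }
```

In practice the input comes from the CloudTrail Lake or Athena query for the endpoint IDs in question over a representative window (long enough to catch monthly jobs), and the unmapped list is the review queue: each entry is either a call that belongs to a different endpoint, as the ListFoundationModels control-plane call here does, or an action to add to the table deliberately.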
