By using AWS re:Post, you agree to the Terms of Use

Private DNS name for S3 VPC endpoint


Good afternoon,

I have deployed an interface VPC endpoint for S3 and I would like to map it to my internal domain (e.g. s3.example.local). I have created a private PHZ and created an ALIAS record pointing to my VPC endpoint. This works; however I'm getting a TLS error because the certificate name doesn't match my internal name. I see the certificate assigned to the VPC endpoint is specific to the endpoint, so I was wondering if there was a way to somehow include a custom name into that certificate?

The other alternative I see would be to ignore SSL verification checks, but obviously I would like to avoid this.

Thanks! Fred.

1 Answer

You're correct, you can't assign a Private DNS name to the S3 interface endpoint. It's called out in the documentation. You have to either use the name or (as you suggest) disable SSL verification but that's not recommended.

profile picture
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions