Internet traffic - PrivateLink vs Public endpoint

0

I have a use case to connect to a third-party service which is also hosted on AWS. The third party can provide public endpoints as well as access through PrivateLink. My question is whether the data will traverse the internet when we connect to the public endpoint? If not, why or when should we use PrivateLink?

AWS
asked 10 months ago · 591 views
1 Answer
3
Accepted Answer

Data between two public IPs on AWS traverses the AWS backbone, with the exception of China. You can see this by noticing that data between public IPs is charged as inter-region data transfer (DTIR) and not internet data transfer out (DTO).

With regard to when or why to use PrivateLink? Well, it depends. Here are some aspects you can think about when deciding whether to use PrivateLink or not:

  • PrivateLink allows you to connect using private IPs, which may be needed for regulatory reasons.
  • You can use endpoint policies for control. Furthermore, if you want to control what resources are connected to from the VPC, VPC endpoints are much easier to control in that regard than using a firewall with the internet gateway.
  • Cost - if you use a NAT Gateway to egress through the IGW from the VPC, VPC endpoints will be less expensive. For cross-region connections to endpoints you can use VPC peering or TGW to an endpoint in that region. At scale (for example 10 VPCs or more), you can further cost-optimize by using centralized VPC endpoints to help make control of distributed networks easier or reduce hourly charges.

Hope this helps.

AWS
answered 10 months ago
EXPERT reviewed 10 months ago
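A practical check that follows from the answer above (added example, not part of the original post or any AWS tooling): if the third-party service is consumed through a PrivateLink interface endpoint with private DNS, the service hostname should resolve to addresses inside your VPC CIDR; a public address means clients are still using the public endpoint. The VPC CIDR and the resolved addresses below are constructed placeholders; in real use they come from `dig +short <hostname>` run from inside the VPC.

```shell
#!/bin/sh
# Added example (not from the original post): classify resolved addresses of a
# service hostname as PrivateLink endpoint ENIs (inside the VPC CIDR) or public.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
  IFS=. read -r a b c d <<EOF
$1
EOF
  echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# Return 0 if $1 (IPv4 address) lies inside $2 (CIDR such as 10.20.0.0/16).
ip_in_cidr() {
  ip=$(ip_to_int "$1")
  net=$(ip_to_int "${2%/*}")
  bits=${2#*/}
  # Build the netmask; the & keeps it within 32 bits on 64-bit shells.
  mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
  [ $(( ip & mask )) -eq $(( net & mask )) ]
}

# Print "<addr> private-endpoint" or "<addr> public" for each address given
# after the VPC CIDR. Real use: classify_resolution "$VPC_CIDR" $(dig +short "$host")
classify_resolution() {
  vpc_cidr=$1; shift
  for addr in "$@"; do
    if ip_in_cidr "$addr" "$vpc_cidr"; then
      echo "$addr private-endpoint"
    else
      echo "$addr public"
    fi
  done
}

# Constructed sample: two endpoint ENI addresses plus one public address.
classify_resolution 10.20.0.0/16 10.20.1.15 10.20.2.27 52.94.0.7
```

Any line reported as `public` is traffic that will not take the PrivateLink path, which matters when the private-IP or endpoint-policy controls from the answer are the reason the endpoint exists.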
