By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

S3 access over VPN

0

From on-premises, if a customer wants to access S3 through their Storage Gateway over a VPN connection bypassing the S3 public endpoint, is the only option to setup a proxy server fleet on EC2 and use the S3 endpoint in the VPC? I'm looking for alternate, simpler approaches if there are any.

Topics
Storage
Tags
Amazon Simple Storage ServiceAWS Storage Gateway
Language
English
AWS-User-8119043
asked 5 years ago1933 views
1 Answer
0
Accepted Answer

Gateway endpoints (S3, DynamoDB) cannot be extended outside of a VPC (https://docs.aws.amazon.com/vpc/latest/userguide/vpce-gateway.html#vpc-endpoints-limitations ).

We used to publish a design pattern that talks about using an ASG fleet of proxy servers inside the VPC to provide this connectivity, however the blog post has been removed, and the only link I can find is this one: https://d0.awsstatic.com/aws-answers/Accessing_VPC_Endpoints_from_Remote_Networks.pdf

The design pattern works and is used by lots of customers, but obviously has additional service / management costs to consider.

profile pictureAWS
EXPERT
Brettski-AWS
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content