VPC Interface Endpoint Limitation on one subnet per Availability Zone for "Enable Private DNS Name"

Per this, only one subnet per AZ can be used with the "Enable Private DNS Name" option.

This is a showstopper for the customer's implementation, as there are multiple subnets in an AZ in which the customer wants to use the endpoint, especially when customers have a solid use case for using SSM but don't want to use the internet for this.

Wondering what the suggested workaround is, and the tentative plan to remove this limitation? As a workaround, maybe creating an internal R53 entry, associating it with the VPC, and creating the service-specific CNAMEs to resolve to the VPC endpoints? Would that work?

1 Answer
Accepted Answer

The Private DNS Name option applies to the entire VPC; any instance in the VPC can resolve the private DNS name of the interface endpoint via the Amazon-provided DNS.

answered 5 years ago
