VPC Interface Endpoint Limitation on one subnet per Availability Zone for "Enable Private DNS Name"


Per this, only one subnet per AZ can be used with the "Enable Private DNS Name" option.

This is a showstopper for the customer implementation, as there are multiple subnets in an AZ in which the customer wants to use the endpoint, especially when customers have a solid use case for using SSM but don't want to use the internet for this.

Wondering what the suggested workaround is, and the tentative plan to remove this limitation? As a workaround, maybe creating an internal R53 entry, associating it with the VPC, and creating the service-specific CNAMEs to resolve to the VPC endpoints? Would that work?

1 Answer
Accepted Answer

The Private DNS Name option applies to the entire VPC; any instance in the VPC can resolve the private DNS name of the interface endpoint via the Amazon-provided DNS.

answered 5 years ago