- Newest
- Most votes
- Most comments
Hello.
The VPC gateway endpoint does not go through an internet gateway because it can access S3 and DynamoDB even in a VPC without an internet gateway.
https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-endpoints.html
Gateway type cannot be used for connections from outside the VPC.
For example, it is not possible to make a VPN connection with on-premises and access S3 via the gateway VPC endpoint.
If you want communication from on-premises to go through a VPC endpoint, you need to create an interface-type VPC endpoint.
https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html
Amazon S3 supports both gateway endpoints and interface endpoints. With a gateway endpoint, you can access Amazon S3 from your VPC, without requiring an internet gateway or NAT device for your VPC, and with no additional cost. However, gateway endpoints do not allow access from on-premises networks, from peered VPCs in other AWS Regions, or through a transit gateway. For those scenarios, you must use an interface endpoint, which is available for an additional cost. For more information, see Types of VPC endpoints for Amazon S3 in the Amazon S3 User Guide.
Relevant content
- asked 5 months ago
- asked a year ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 2 years ago
