Route tables for Using Amazon Managed Prometheus with interface VPC endpoints

Question

Hi guys,

My team is looking to setup EKS cluster in private subnet in VPC in US-east-2 region while we need to setup monitoring that EKS Cluster, I used to Amazon Managed Prometheus (AMP) and Amazon Managed Grafana. We have considered two approaches:

**Option 1**: Setup a private subnet in VPC through NAT gateway. This solution is work well.

**Option 2**:  I follow guide https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-and-interface-VPC.html ***but not working***. Interface VPC Endpoint to Amazon Managed Prometheus (AMP). I think I have to config routes table follow picture bellow but I don't see Destination of AMP. Can somebody help me please? Thanks

![AMP Routes Table](https://repost.aws/media/postImages/original/IMx8az8fMLQNOAQCyVuSUVew)

Answer

Interface endpoints for AWS services do not show up as a destination in a route table. Instead, they appear as network interfaces in your VPC. In this case, your VPC has a 10.194.0.0/16 address; the endpoints will have IP addresses in that range.

To use the endpoints you must use the appropriate DNS name for the endpoint. This is mentioned in the documentation page you link to above: You need to set up your application to use that name which will be `com.amazonaws.region.aps-workspaces` or `com.amazonaws.region.aps` depending on what you're trying to do. The DNS names will resolve to the 10.194.x.x address in your VPC and from there it will work as expected.

Answer

Hi @Brettski@AWS,

I try it but invalid Destination

![Invalid Destination](https://repost.aws/media/postImages/original/IMxf4-YsyKR6mX_orLJISp-Q)

Please suggest me Another solution.

Route tables for Using Amazon Managed Prometheus with interface VPC endpoints

Relevant content