Hello,
Have you taken a look at this solution?
https://repost.aws/knowledge-center/vpc-endpoints-cross-region-aws-services
From the VPC FAQ:
Q. Does traffic go over the internet when two instances communicate using public IP addresses, or when instances communicate with a public AWS service endpoint?
No. When using public IP addresses, all communication between instances and services hosted in AWS use AWS's private network. Packets that originate from the AWS network with a destination on the AWS network stay on the AWS global network
The use of a public IP address on a network does not mean the traffic is necessarily going across the internet. What the statement above is saying is that the public IP addressing AWS uses is routed on the AWS network. If the traffic is between two IP addresses that are owned by AWS, then it does not go over the internet.
So for your situation: You can have a Lambda function in one region access DynamoDB in another region and it stays on the AWS network - it does not go over the internet.
As for the DynamoDB VPC Gateway Endpoint: It is only accessible from within the VPC that it is created in, which is why VPC peering won't work in this case.
It's not relevant.