VPC endpoint costs vs NAT gateway

0

I see a lot of pricing details for VPC endpoint and NAT GW vs. VPC peering. How can I make a good decision in terms of cost optimization? How can I know which one fits my environment in terms of costs?

2 Answers
2
Accepted Answer
  1. First, determine the major sources of traffic through your NAT gateway. If they're not, then create new NAT gateways in the same AZ as the resource to reduce cross-AZ data transfer charges.
  2. Determine whether the instances sending the most traffic are in the same Availability Zone (AZ) as the NAT gateway.
  3. Determine whether the majority of your NAT gateway charges are from traffic to Amazon Simple Storage Service or Amazon DynamoDB in the same Region. Setting up a gateway VPC endpoint will save you money.
  4. If most traffic through your NAT gateway is to AWS services that support interface VPC endpoints, then create an interface VPC endpoint for the services. More details: https://aws.amazon.com/premiumsupport/knowledge-center/vpc-reduce-nat-gateway-transfer-costs/

Basically, you should know your network and traffic. Setting up VPC endpoints and not using them properly will incur a lot of unwanted costs. You need to make changes to your route table if creating VPC endpoints. In addition, for your VPC-to-VPC traffic, peering would definitely reduce your costs rather than using an Internet Gateway.

Overall, the answer is that there is no one rule that applies to all; you need to have a good understanding of your network traffic to be able to design it properly. Generally, VPC gateway endpoints where possible should be your number one consideration, then VPC interface endpoints, then NAT gateways.

Also, a peering connection enables you to route traffic via private IP addresses between two peered VPCs. VPC endpoints enable private connectivity to services hosted in AWS, from within your VPC, without using an Internet Gateway, VPN, Network Address Translation (NAT) devices, or firewall proxies, so they have different use cases.

AWS
mojtoth
answered a year ago
kentrad
reviewed a year ago
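The traffic breakdown that the accepted answer's four steps call for can be computed from VPC flow logs on the NAT gateway's network interface. The sketch below is an added example, not part of the answer: the custom log format, the subnet-to-AZ map, the sample records and the "more than half" threshold are all constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumed custom flow log format for the NAT gateway's network interface.
FIELDS = "interface-id srcaddr pkt-dstaddr bytes pkt-dst-aws-service az-id".split()
# Constructed map of private subnets to AZ IDs. The NAT gateway's own subnet is
# left out so its outbound leg of each flow is not counted a second time.
SUBNET_AZ = {ipaddress.ip_network("10.0.1.0/24"): "use1-az1",
             ipaddress.ip_network("10.0.2.0/24"): "use1-az2"}
GATEWAY_SERVICES = {"S3", "DYNAMODB"}  # services reachable via gateway endpoints

# Constructed sample records (documentation IP ranges, made-up ENI ID).
SAMPLE_LOG = """\
eni-0aaa 10.0.1.15 198.51.100.10 900000 S3 use1-az1
eni-0aaa 10.0.2.20 198.51.100.11 400000 S3 use1-az1
eni-0aaa 10.0.2.20 198.51.100.50 100000 DYNAMODB use1-az1
eni-0aaa 10.0.1.15 198.51.100.90 250000 AMAZON use1-az1
eni-0aaa 10.0.1.15 203.0.113.7 50000 - use1-az1
eni-0aaa 10.0.9.5 203.0.113.7 50000 - use1-az1
eni-0aaa - - - - use1-az1
"""

def source_az(addr):
    """AZ of the sending instance, or None if addr is not in a mapped subnet."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None
    return next((az for net, az in SUBNET_AZ.items() if ip in net), None)

def summarize(log_text):
    """Bytes sent through the NAT gateway, split by destination type and AZ."""
    totals = Counter()
    for line in log_text.splitlines():
        rec = dict(zip(FIELDS, line.split()))
        az = source_az(rec.get("srcaddr", ""))
        if len(rec) != len(FIELDS) or az is None or not rec["bytes"].isdigit():
            continue  # malformed, no-data, or not sent by a mapped instance
        size, service = int(rec["bytes"]), rec["pkt-dst-aws-service"]
        totals["total"] += size
        totals["cross_az"] += size if az != rec["az-id"] else 0
        key = ("gateway_service" if service in GATEWAY_SERVICES
               else "internet" if service == "-" else "other_aws")
        totals[key] += size
    return totals

def suggest(totals):
    """Map the dominant traffic type to the matching step of the answer."""
    half = totals["total"] / 2
    checks = [("cross_az", "nat-gateway-per-az"),
              ("gateway_service", "gateway-endpoint"),
              ("other_aws", "check-interface-endpoints")]
    return [step for key, step in checks if totals[key] > half]
```

For the sample records, most bytes go to S3 and DynamoDB, so `suggest(summarize(SAMPLE_LOG))` returns only the gateway endpoint step.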
0
  • VPC endpoints are advised for better security when you want to reach an AWS service. See here for a deep dive on cost depending on the pattern you choose.
  • If you need a NAT Gateway to reach the Internet, then a good way to decrease the cost is to use a centralized model; see here.
AWS
Vincent
answered a year ago
kentrad
reviewed a year ago
