Can you use a signed URL with S3 VPC Endpoint?

1

Would traffic to S3 using a signed URL from an EC2 instance in a private subnet need to go over an established NAT Gateway / IGW, or could it use the S3 VPC endpoint?

AWS
jer
已提问 8 年前3405 查看次数
1 回答
1
已接受的回答

Yes. Access to objects stored in S3 accessed via a Signed URL work fine without a NAT Gateway or IGW if you have a VPC Endpoint for S3 configured and in use the the associated Route Table for the subnet.

Easy to verify by quickly building a VPC with Public & Private Subnets, bastion instance in Public Subnet, Isolated Instance in Private Subnet. Configure VPC Endpoint for S3 to be used by Private Subnets. Generate a signed URL for an object and try to use wget to retrieve it. Works fine.

AWS
专家
已回答 8 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则