Using DataSync with either Public or VPC Endpoints

0

Do VPC Endpoints offer any added security (compared with Public Endpoints) when using AWS DataSync to transfer data from on-premises to AWS storage (e.g. Amazon FSx for Windows File Server?) I believe data transfers between the on-prem DataSync agent and the AWS DataSync services are HTTPS (TLS-encrypted)?

1 個回答
0

Wherever possible using VPC endpoints is always recommended approach, it is a secure way of consuming a service. relevent statements from DataSync documentation:

When you use a VPC endpoint, your DataSync agent communicates directly with AWS without crossing the public internet. Data is transferred using AWS Direct Connect or a virtual private network (VPN).

You can now deploy AWS DataSync within your Amazon Virtual Private Cloud (Amazon VPC) using VPC endpoints. With this feature, data transferred between the DataSync agent and AWS service doesn’t need to traverse the public internet or need public IP addresses, increasing the security of data as it is copied over the network. VPC endpoints for DataSync are powered by AWS PrivateLink, a highly available, scalable technology that enables you to privately connect your VPC to supported AWS services.

profile pictureAWS
專家
已回答 1 年前
  • Thanks for the feedback. Should I assume that encrypting data in transit using HTTPS over the public Internet offers less security?

  • If there is a possibility to avoid public internet and connect via DX or VPN that is always recommended.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南