PrivateLink/Endpoints Flashcards
What is AWS PrivateLink?
AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet. Interface VPC endpoints, powered by PrivateLink, connect you to services hosted by AWS Partners and supported solutions available in AWS Marketplace.
What is needed to access third-party VPCs/provider VPCs/AWS Marketplace from your VPC?
VPC Endpoint
What is a Gateway Endpoint?
It provides reliable connectivity to Amazon S3 and DynamoDB without requiring an internet gateway or a NAT device for your VPC.
How do you restrict traffic on Gateway Endpoints?
Apply an Endpoint policy
Are Gateway Endpoints accessible to the internet?
No, they are considered private.
What is the charge for using Gateway Endpoints?
There’s no charge
Where does a Gateway Endpoint reside?
Inside the VPC it was created in.
After creating the Gateway Endpoint, what is added to the route table?
The gateway endpoint prefix list is automatically added to the route table and target.
If traffic is destined for an S3 bucket in a different region, will it take the gateway endpoint path or internet gateway path?
Since it is a different region, it will take the internet gateway path because prefix lists are specific to a region.
Between gateway endpoint and interface endpoint, which is considered highly available and managed by AWS?
Gateway endpoint
Gateway endpoint connects to two services. What are the services?
1) S3
2) DynamoDB
Interface Endpoints connect to all AWS services, except what?
DynamoDB
Interface endpoint only allows what type of L3 and L4 traffic?
IPv4
TCP
Interface Endpoints are considered what in a VPC?
VPC network interface
What are the steps to configuring a Gateway Endpoint to access an S3 bucket?