通过AWS Endpoints从内网访问S3

AWS S3作为非结构化数据的存储,经常会有内网中的app调用的需求。S3默认是走公网访问的,如果内网app通过公网地址访问S3并获取数据会消耗公网带宽费用。如下图所示:

AWS 提供了一种叫做endpoints的资源,这种资源可以后挂S3服务,使得内网服务可以不出公网访问S3.

VPC endpoints for Amazon S3 simplify access to S3 from within a VPC by providing configurable and highly reliable secure connections to S3 that do not require an internet gateway or Network Address Translation (NAT) device. When you create a S3 VPC endpoint, you can attach an endpoint policy to it that controls access to Amazon S3.

创建endpoints时,如果是S3,需选择gateway类型。

There are three types of VPC endpoints -- Interface endpoints, Gateway Load Balancer endpoints, and Gateway endpoints. Interface endpoints and Gateway Load Balancer endpoints are powered by AWS PrivateLink, and use an Elastic Network Interface (ENI) as an entry point for traffic destined to the service. Interface endpoints are typically accessed using the public or private DNS name associated with the service, while Gateway endpoints and Gateway Load Balancer endpoints serve as a target for a route in your route table for traffic destined for the service.

创建完成后(按需配置VPC,route table等),即可使用https://{{bucket-name}}.s3.ap-southeast-1.amazonaws.com通过aws内网(骨干网)访问S3了。

图片参考:https://www.youtube.com/watch?v=jo3X_aay4Vs

相关推荐
A小辣椒12 天前
AWS Clould Support Engineer就职面试题
aws
亚林瓜子14 天前
AWS WAF中如何放行某个触发了托管规则的接口
aws·waf
悠悠1213816 天前
AWS DevOps Agent 体验一周后,我决定把 oncall 手机调成静音了
云计算·aws·devops
yyuuuzz16 天前
独立站运营的几个技术层面常见问题
大数据·运维·服务器·网络·数据库·aws
yyuuuzz16 天前
游戏云服务器推荐的技术选择思路
大数据·运维·服务器·游戏·云计算·aws
kernelcraft18 天前
Boto3:Python 操作 AWS 的官方 SDK
开发语言·python·其他·aws
普通网友25 天前
Serverless 框架:多云函数部署(AWS + 阿里云 + 腾讯云)
阿里云·serverless·aws
TG_yunshuguoji25 天前
亚马逊云代理商:如何用 CloudWatch+Lambda 打造自动化告警系统
大数据·运维·自动化·云计算·aws
yyuuuzz25 天前
独立站搭建的几个核心技术问题
运维·服务器·网络·数据库·aws
yyuuuzz25 天前
aws亚马逊云服务的基础认知与常见场景
大数据·运维·服务器·网络·云计算·aws