Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Associate S3 VPC endpoint vs Gateway endpoint

  • S3 VPC endpoint vs Gateway endpoint

  • vinodache

    Member
    June 21, 2021 at 8:27 am

    Hi, Now that S3 supports VPC endpoint, for the below question should the answer be updated?

    Category: CSAA – Design Secure Applications and Architectures

    A local bank has an in-house application which handles sensitive financial data in a private subnet. After the data is processed by the EC2 worker instances, they will be delivered to S3 for ingestion by other services.

    How should you design this solution so that the data does not pass through the public Internet?

    In General, how do we decide to choose between VPC endpoint and gateway endpoint for S3 if both these options are available?

  • Carlo-TutorialsDojo

    Member
    June 22, 2021 at 12:26 am

    Hello vinodache,

    Thanks for your feedback. Yes. This question needs to be updated. Without any further conditions in the scenario, both the VPC interface endpoint and gateway endpoint is a valid answer, so we’ll need to work on that.

    In General, how do we decide to choose between the VPC endpoint and gateway endpoint for S3 if both these options are available?

    >> One of the key factors is cost. You don’t pay for gateway endpoints (only for data transfer), but you are charged per hour for every provisioned VPC interface endpoint. Also, Gate endpoints are scoped within a region, meaning it does not allow access from another AWS region. On the other hand, you can reach an interface endpoint from another region.

    I hope this is helpful. Let me know if you have any other queries.

    Regards,

    Carlo @ Tutorials Dojo

    • vinodache

      Member
      June 22, 2021 at 1:23 am

      Great. Thanks Carlo.

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now