VPC Endpoints: Gateways and Interfaces

VPC Endpoints

Not all AWS services can communicate with each other, because some run inside a VPC and others do not (i.e. they have public Internet access).

VPC Endpoints allow you to connect a service that's in a VPC with another service outside the VPC. This is useful for things like Lambda functions, where you might want to both access an RDS database (which will be in a VPC) and something like SES (which is not in a VPC) at the same time.

There are two types of VPC endpoints to be aware of:

Gateways

These only exist (at the time of writing) for S3 and DynamoDB. The main distinction between these and the more common Interface endpoints is that they're not charged: you can use Gateways for free.

Interfaces

These fit all the other use cases; anything other than S3 or DynamoDB will require an interface if you need to enable a VPC endpoint.

These cost around $7.50/month at the minimum. More information on that is here.
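
The two endpoint types side by side, as an added CloudFormation example that is not part of the original page: a Gateway endpoint for S3 is attached to route tables, while an Interface endpoint (here for SES's SMTP service, `email-smtp`) is placed in subnets behind a security group. The parameter names and logical resource IDs are hypothetical, and using SMTP port 587 from the Lambda function is an assumption.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - S3 gateway endpoint beside an SES SMTP interface endpoint

Parameters:            # hypothetical parameter names; supply your own IDs
  VpcId:
    Type: AWS::EC2::VPC::Id
  PrivateRouteTableId:
    Type: String
  PrivateSubnetIds:
    Type: List<AWS::EC2::Subnet::Id>
  LambdaSecurityGroupId:
    Type: AWS::EC2::SecurityGroup::Id

Resources:
  # Gateway type (S3 or DynamoDB only): attached to route tables.
  S3GatewayEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcEndpointType: Gateway
      VpcId: !Ref VpcId
      ServiceName: !Sub com.amazonaws.${AWS::Region}.s3
      RouteTableIds:
        - !Ref PrivateRouteTableId

  # Interface endpoints are network interfaces, so they take a security group.
  # Only the Lambda function's security group may reach the endpoint.
  SesEndpointSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SMTP submission to the SES endpoint from Lambda only
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 587
          ToPort: 587
          SourceSecurityGroupId: !Ref LambdaSecurityGroupId

  # Interface type: placed in subnets, billed, reachable via private DNS.
  SesInterfaceEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcEndpointType: Interface
      VpcId: !Ref VpcId
      ServiceName: !Sub com.amazonaws.${AWS::Region}.email-smtp
      SubnetIds: !Ref PrivateSubnetIds
      SecurityGroupIds:
        - !Ref SesEndpointSecurityGroup
      PrivateDnsEnabled: true
```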

More information

https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html