0
votes

I have tried almost everything I could find, but after creating a VPC endpoint: vpce-xxxx-xxxx.s3.eu-central-1.vpce.amazonaws.com I cannot access this from the internet. I am only doing this because a customer is using the service, but I cannot for the life of me figure out how to send HTTP requests to the above endpoint and have it respond properly. All connection attempts fail: "The connection to 'bucket.vpce-xxx-xxxx.s3.eu-central-1.vpce.amazonaws.com' failed. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed...because connected host has failed to respond"

I tried creating an EC2 instance and connecting with: aws s3 --region eu-central-1 --endpoint-url https://bucket.vpce-xxx-xxx.s3.eu-ecentral-1.pce.amazonaws.com ls s3://mybucketname However, that also times out. Is there any guide or anything to minimally configure a VPC endpoint so I can access it from the internet? I would appreciate any help and will give out all necessary details.

1
Regarding "I cannot access this from the internet" - no idea what you mean by that. Your VPC endpoint cannot be used "from the internet"; it can be used from within your VPC. – luk2302

1 Answer

1
votes

A VPC endpoint is normally accompanied by entries in the routing table(s) of the subnet(s) of the VPC it belongs to. Those route tables use prefix lists to route all requests towards S3 in the same region to the VPC endpoint instead of other possible routes.

That means your application does not need to do anything to make use of the VPC endpoint, specifically you should not try anything like https://bucket.vpce-xxx-xxx.s3.eu-ecentral-1.pce.amazonaws.com (not sure where you got that URL from), just do a completely regular aws s3 ls s3://mybucketname.

"Is there any guide or anything to minimally configure a VPC endpoint so I can access it from the internet" - I doubt it. That is not what VPC endpoints are to be used for. They are for requests from your VPC to AWS services, not Internet -> Anywhere.
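To see what the answer describes in practice, here is an added example (not part of the question or answer above, and not AWS's own tooling) that checks whether a subnet's route table actually sends S3 traffic through a gateway VPC endpoint. It works offline on two constructed JSON documents that follow the shape of `aws ec2 describe-vpc-endpoints` and `aws ec2 describe-route-tables` output; every ID in them is a placeholder, and the function names are my own. It also goes slightly beyond the text: an endpoint of type Interface (the kind with a `vpce-...` DNS name) is deliberately not counted, because only a Gateway endpoint is reached through a prefix-list route, which is the mechanism the answer relies on.

```python
"""Report which route tables (and so which subnets) route S3 through a gateway VPC
endpoint, from the JSON that `aws ec2 describe-vpc-endpoints` and
`aws ec2 describe-route-tables` return. Added example; all IDs are placeholders."""
import json

# Constructed sample output of `aws ec2 describe-vpc-endpoints --region eu-central-1`.
# One Gateway endpoint for S3 and one Interface endpoint for S3 (placeholder IDs).
VPC_ENDPOINTS_JSON = """
{
  "VpcEndpoints": [
    {"VpcEndpointId": "vpce-0gatewayplaceholder", "VpcId": "vpc-0placeholder",
     "ServiceName": "com.amazonaws.eu-central-1.s3", "VpcEndpointType": "Gateway",
     "State": "available", "RouteTableIds": ["rtb-0privateplaceholder"]},
    {"VpcEndpointId": "vpce-0ifaceplaceholder", "VpcId": "vpc-0placeholder",
     "ServiceName": "com.amazonaws.eu-central-1.s3", "VpcEndpointType": "Interface",
     "State": "available", "SubnetIds": ["subnet-0aplaceholder"]}
  ]
}
"""

# Constructed sample output of `aws ec2 describe-route-tables --region eu-central-1`.
# The main table only has local + internet gateway routes; the private table has the
# prefix-list route to the S3 gateway endpoint (placeholder IDs).
ROUTE_TABLES_JSON = """
{
  "RouteTables": [
    {"RouteTableId": "rtb-0mainplaceholder", "VpcId": "vpc-0placeholder",
     "Associations": [{"Main": true, "RouteTableId": "rtb-0mainplaceholder"}],
     "Routes": [
       {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
       {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0placeholder", "State": "active"}
     ]},
    {"RouteTableId": "rtb-0privateplaceholder", "VpcId": "vpc-0placeholder",
     "Associations": [{"Main": false, "RouteTableId": "rtb-0privateplaceholder",
                       "SubnetId": "subnet-0aplaceholder"}],
     "Routes": [
       {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
       {"DestinationPrefixListId": "pl-0placeholder", "GatewayId": "vpce-0gatewayplaceholder",
        "State": "active"}
     ]}
  ]
}
"""


def s3_gateway_endpoint_ids(vpc_endpoints_doc, region):
    """IDs of available *Gateway* endpoints for S3 in `region`.
    Interface endpoints are excluded: they are reached by DNS name, not by route."""
    wanted_service = f"com.amazonaws.{region}.s3"
    return {
        ep["VpcEndpointId"]
        for ep in vpc_endpoints_doc.get("VpcEndpoints", [])
        if ep.get("VpcEndpointType") == "Gateway"
        and ep.get("ServiceName") == wanted_service
        and ep.get("State") == "available"
    }


def route_table_s3_coverage(route_tables_doc, gateway_ids):
    """For each route table: whether it is the VPC's main table, the subnets explicitly
    associated with it, and which S3 gateway endpoint (if any) an active prefix-list
    route points at. A table with None here sends S3 traffic out via other routes."""
    report = {}
    for rt in route_tables_doc.get("RouteTables", []):
        via = None
        for route in rt.get("Routes", []):
            if ("DestinationPrefixListId" in route
                    and route.get("State") == "active"
                    and route.get("GatewayId") in gateway_ids):
                via = route["GatewayId"]
                break
        assocs = rt.get("Associations", [])
        report[rt["RouteTableId"]] = {
            "main": any(a.get("Main") for a in assocs),
            "subnets": sorted(a["SubnetId"] for a in assocs if "SubnetId" in a),
            "s3_via_endpoint": via,
        }
    return report


def check_s3_endpoint_routing(vpc_endpoints_json, route_tables_json, region):
    """Parse both documents and return the per-route-table report."""
    gateway_ids = s3_gateway_endpoint_ids(json.loads(vpc_endpoints_json), region)
    return route_table_s3_coverage(json.loads(route_tables_json), gateway_ids)


if __name__ == "__main__":
    for rtb_id, info in check_s3_endpoint_routing(
            VPC_ENDPOINTS_JSON, ROUTE_TABLES_JSON, "eu-central-1").items():
        where = "main table" if info["main"] else ", ".join(info["subnets"]) or "no subnets"
        print(f"{rtb_id} ({where}): S3 via {info['s3_via_endpoint'] or 'NO gateway endpoint'}")
```

Against real output, save `aws ec2 describe-vpc-endpoints --region eu-central-1` and `aws ec2 describe-route-tables --region eu-central-1` to files and pass their contents to `check_s3_endpoint_routing`. A subnet whose table reports no endpoint route is one where a plain `aws s3 ls` will not traverse the gateway endpoint; subnets with no explicit association fall under the main table, which the report lists separately because the CLI output does not enumerate them.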