
Create an AWS VPC Endpoint for Amazon S3 and Validate Connectivity From a Private Amazon EC2 Instance

Hands-On Lab


Many customers have legitimate privacy and security concerns about sending and receiving data across the public internet. Customers can address these concerns by using a virtual private network (VPN) to route all Amazon S3 network traffic through their own corporate network infrastructure. However, this approach can introduce bandwidth and availability challenges.

VPC endpoints for Amazon S3 can alleviate these challenges. A VPC endpoint for Amazon S3 enables AWS Glue to use private IP addresses to access Amazon S3 with no exposure to the public internet. AWS Glue does not require public IP addresses, and you don't need an internet gateway, a NAT device, or a virtual private gateway in your VPC. You use endpoint policies to control access to Amazon S3. Traffic between your VPC and the AWS service does not leave the Amazon network.

In this Learning Activity, we will configure an S3 endpoint to illustrate the benefits of its use in your cloud implementations.
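One way to check the "no internet gateway, no NAT device" property described above is to audit the private subnet's route table. This is an added example, not part of the lab: it assumes a gateway-type S3 endpoint, input shaped like `aws ec2 describe-route-tables` output, and placeholder IDs (the S3 prefix list ID would come from `aws ec2 describe-prefix-lists`).

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output.
# All IDs are placeholders, not values from the lab.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-private-example", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationPrefixListId": "pl-s3-example", "GatewayId": "vpce-example", "State": "active"}]},
  {"RouteTableId": "rtb-leaky-example", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example", "State": "active"}]}
]}
""")

# Route fields that can name the target of a default route.
TARGET_KEYS = ("GatewayId", "NatGatewayId", "EgressOnlyInternetGatewayId",
               "TransitGatewayId", "NetworkInterfaceId", "InstanceId")

def audit_route_table(rt, s3_prefix_list_id):
    """Check one route table for an S3 endpoint route and any default route."""
    s3_via_endpoint = False
    default_routes = []
    for route in rt.get("Routes", []):
        if route.get("State") != "active":
            continue  # blackholed routes carry no traffic
        # A gateway endpoint appears as a prefix-list route targeting vpce-*.
        if (route.get("DestinationPrefixListId") == s3_prefix_list_id
                and route.get("GatewayId", "").startswith("vpce-")):
            s3_via_endpoint = True
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in ("0.0.0.0/0", "::/0"):
            target = next((route[k] for k in TARGET_KEYS if k in route), "unknown")
            default_routes.append(target)
    return {"s3_via_endpoint": s3_via_endpoint,
            "default_routes": default_routes,
            "private_s3_only": s3_via_endpoint and not default_routes}

def audit(doc, s3_prefix_list_id):
    """Audit every route table in a describe-route-tables document."""
    return {rt["RouteTableId"]: audit_route_table(rt, s3_prefix_list_id)
            for rt in doc["RouteTables"]}

if __name__ == "__main__":
    for rtb, result in audit(SAMPLE, "pl-s3-example").items():
        print(rtb, result)
```

A route table that reports `private_s3_only` as true reaches S3 only through the endpoint; any entry in `default_routes` is a path out of the VPC that the endpoint was meant to make unnecessary.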

NOTE: The startup page for our learning environment has changed and the instructions for logging in are different. This video describes how to log into the new learning environment. When prompted, please use the username/password listed in the learning environment to log into the AWS Console.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.