AWS EC2 connects to S3 inside VPC without passing throught Internet - Amazon web services

MarcoEvasi
October 1, 2022
209 views
0 votes
2 Answers

I have an EC2 instance in a AWS VPC public subnet.

If an application running on the instance connects to S3 with a Boto3 client, is the traffic routed inside AWS network even if I don’t have a gateway endpoint set in the VPC or it goes throught Internet?

If to keep traffic in AWS network I need a VPC endpoint, then how can I use a gateway VPC endpoint with a Boto3 client?

Answers

- Marcin
- October 1, 2022 at 11:19 am
- 0 votes
0
if I don’t have a gateway endpoint set in the VPC or it goes throught Internet?

Yes, if you do not have S3 gateway nor S3 interface endpoint, traffic to S3 goes over the internet.

how can I use a gateway VPC endpoint with a Boto3 client?

You don’t have to do anything if you configure S3 gateway or S3 interface endpoint correctly. This will work seamlessly with boto3.

Login or Signup to reply.

- ChetanPatil
- October 2, 2022 at 1:33 am
- 0 votes
0
Well you can verify yourself from AWS S3 server logs if traffic is coming from VPC endpoint or internet(IGW or NAT). If both are configured on your subnet’s route table then VPC endpoint will take precedence over IGW/NAT. Make sure you attach correct IAM role for accessing S3 from your EC2.

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.

AWS EC2 connects to S3 inside VPC without passing throught Internet – Amazon web services

Answers