AWS PrivateLink と統合する AWS のサービス
次の AWS のサービスは AWS PrivateLink と統合します。VPC エンドポイントを作成して、独自の VPC で実行されているかのように、これらのサービスにプライベートに接続することができます。
[AWS のサービス] 列のリンクを選択して、AWS PrivateLink と統合するサービスのドキュメントを参照してください。[サービス名] 列は、インターフェイス VPC エンドポイントを作成するときに指定するサービス名、またはサービスがエンドポイントを管理することを示します。
| AWS のサービス | サービス名 |
|---|---|
| Access Analyzer | com.amazonaws.region.access-analyzer |
| AWS Account Management | com.amazonaws.region.account |
| Amazon API Gateway | com.amazonaws.region.execute-api |
| AWS App Mesh | com.amazonaws.region.appmesh |
| com.amazonaws.region.appmesh-envoy-management | |
| AWS App Runner | com.amazonaws.region.apprunner |
| AWS App Runner サービス | com.amazonaws.region.apprunner.requests |
| Application Auto Scaling | com.amazonaws.region.application-autoscaling |
| AWS Application Migration Service | com.amazonaws.region.mgn |
| Amazon AppStream 2.0 | com.amazonaws.region.appstream.api |
| com.amazonaws.region.appstream.streaming | |
| AWS AppSync | com.amazonaws.region.appsync-api |
| Amazon Athena | com.amazonaws.region.athena |
| AWS Audit Manager | com.amazonaws.region.auditmanager |
| Amazon Aurora | com.amazonaws.region.rds |
| AWS Auto Scaling | com.amazonaws.region.autoscaling-plans |
| AWS Backup | com.amazonaws.region.backup |
| com.amazonaws.region.backup-gateway | |
| AWS Batch | com.amazonaws.region.batch |
| Amazon Bedrock | com.amazonaws.region.bedrock |
com.amazonaws.region.bedrock-runtime |
|
| AWS Billing Conductor | com.amazonaws.region.billingconductor |
| Amazon Braket | com.amazonaws.region.braket |
| AWS クリーンルーム | com.amazonaws.region.cleanrooms |
| AWS Cloud Control API | com.amazonaws.region.cloudcontrolapi |
| com.amazonaws.region.cloudcontrolapi-fips | |
| Amazon Cloud Directory | com.amazonaws.region.clouddirectory |
| AWS CloudFormation | com.amazonaws.region.cloudformation |
| com.amazonaws.region.cloudhsmv2 | |
| AWS Cloud Map | com.amazonaws.region.servicediscovery |
com.amazonaws.region.servicediscovery-fips |
|
com.amazonaws.region.data-servicediscovery |
|
com.amazonaws.region.data-servicediscovery-fips |
|
| AWS CloudTrail | com.amazonaws.region.cloudtrail |
| Amazon CloudWatch | com.amazonaws.region.evidently |
| com.amazonaws.region.evidently-dataplane | |
| com.amazonaws.region.monitoring | |
| com.amazonaws.region.rum | |
| com.amazonaws.region.rum-dataplane | |
| com.amazonaws.region.synthetics | |
| Amazon CloudWatch Events | com.amazonaws.region.events |
| Amazon CloudWatch Logs | com.amazonaws.region.logs |
| AWS CodeArtifact | com.amazonaws.region.codeartifact.api |
| com.amazonaws.region.codeartifact.repositories | |
| AWS CodeBuild | com.amazonaws.region.codebuild |
| com.amazonaws.region.codebuild-fips | |
| AWS CodeCommit | com.amazonaws.region.codecommit |
| com.amazonaws.region.codecommit-fips | |
| com.amazonaws.region.git-codecommit | |
| com.amazonaws.region.git-codecommit-fips | |
| AWS CodeDeploy | com.amazonaws.region.codedeploy |
| com.amazonaws.region.codedeploy-commands-secure | |
| Amazon CodeGuru Profiler | com.amazonaws.region.codeguru-profiler |
| Amazon CodeGuru Reviewer | com.amazonaws.region.codeguru-reviewer |
| AWS CodePipeline | com.amazonaws.region.codepipeline |
| AWS CodeStar 接続 | com.amazonaws.region.codestar-connections.api |
| Amazon CodeWhisperer | com.amazonaws.region.codewhisperer |
| Amazon Comprehend | com.amazonaws.region.comprehend |
| Amazon Comprehend Medical | com.amazonaws.region.comprehendmedical |
| AWS Config | com.amazonaws.region.config |
| Amazon Connect | com.amazonaws.region.app-integrations |
| com.amazonaws.region.cases | |
| com.amazonaws.region.connect-campaigns | |
| com.amazonaws.region.profile | |
| com.amazonaws.region.voiceid | |
| com.amazonaws.region.wisdom | |
| AWS Data Exchange | com.amazonaws.region.dataexchange |
| AWS Database Migration Service | com.amazonaws.region.dms |
| com.amazonaws.region.dms-fips | |
| AWS DataSync | com.amazonaws.region.datasync |
| Amazon DataZone | com.amazonaws.region.datazone |
| Amazon DevOps Guru | com.amazonaws.region.devops-guru |
| AWS Directory Service | com.amazonaws.region.ds |
| Amazon EBS ダイレクト API | com.amazonaws.region.ebs |
| Amazon EC2 | com.amazonaws.region.ec2 |
| Amazon EC2 Auto Scaling | com.amazonaws.region.autoscaling |
| EC2 Image Builder | com.amazonaws.region.imagebuilder |
| Amazon ECR | com.amazonaws.region.ecr.api |
| com.amazonaws.region.ecr.dkr | |
| Amazon ECS | com.amazonaws.region.ecs |
| com.amazonaws.region.ecs-agent | |
| com.amazonaws.region.ecs-telemetry | |
| Amazon EKS | com.amazonaws.region.eks |
| AWS Elastic Beanstalk | com.amazonaws.region.elasticbeanstalk |
| com.amazonaws.region.elasticbeanstalk-health | |
| AWS Elastic Disaster Recovery | com.amazonaws.region.drs |
| Amazon Elastic File System | com.amazonaws.region.elasticfilesystem |
| com.amazonaws.region.elasticfilesystem-fips | |
| Amazon Elastic Inference | com.amazonaws.region.elastic-inference.runtime |
| Elastic Load Balancing | com.amazonaws.region.elasticloadbalancing |
| Amazon ElastiCache | com.amazonaws.region.elasticache |
| com.amazonaws.region.elasticache-fips | |
| AWS Elemental MediaConnect | com.amazonaws.region.mediaconnect |
| Amazon EMR | com.amazonaws.region.elasticmapreduce |
| Amazon EMR on EKS | com.amazonaws.region.emr-containers |
| Amazon EMR Serverless | com.amazonaws.region.emr-serverless |
| AWS Entity Resolution | com.amazonaws.region.entityresolution |
| Amazon EventBridge | com.amazonaws.region.events |
| AWS Fault Injection Simulator | com.amazonaws.region.fis |
| Amazon FinSpace | com.amazonaws.region.finspace |
| com.amazonaws.region.finspace-api | |
| Amazon Forecast | com.amazonaws.region.forecast |
| com.amazonaws.region.forecastquery | |
| com.amazonaws.region.forecast-fips | |
| com.amazonaws.region.forecastquery-fips | |
| Amazon Fraud Detector | com.amazonaws.region.frauddetector |
| Amazon FSx | com.amazonaws.region.fsx |
| com.amazonaws.region.fsx-fips | |
| AWS Glue | com.amazonaws.region.glue |
| AWS Glue DataBrew | com.amazonaws.region.databrew |
| Amazon Managed Grafana | com.amazonaws.region.grafana |
| com.amazonaws.region.grafana-workspace | |
| AWS Ground Station | com.amazonaws.region.groundstation |
| Amazon GuardDuty | com.amazonaws.region.guardduty-data |
com.amazonaws.region.guardduty-data-fips |
|
| AWS HealthImaging | com.amazonaws.region.medical-imaging |
com.amazonaws.region.runtime-medical-imaging |
|
| AWS HealthLake | com.amazonaws.region.healthlake |
| IAM アイデンティティセンター | com.amazonaws.region.identitystore |
| IAM Roles Anywhere | com.amazonaws.region.rolesanywhere |
| Amazon Inspector | com.amazonaws.region.inspector2 |
| AWS IoT Core | com.amazonaws.region.iot.data |
com.amazonaws.region.iot.fleethub.api |
|
| AWS IoT Core Device Advisor | com.amazonaws.region.deviceadvisor.iot |
| AWS IoT Core for LoRaWAN | com.amazonaws.region.iotwireless.api |
| com.amazonaws.region.lorawan.cups | |
| com.amazonaws.region.lorawan.lns | |
| AWS IoT FleetWise | com.amazonaws.region.iotfleetwise |
| AWS IoT Greengrass | com.amazonaws.region.greengrass |
| AWS IoT RoboRunner | com.amazonaws.region.iotroborunner |
| AWS IoT SiteWise | com.amazonaws.region.iotsitewise.api |
| com.amazonaws.region.iotsitewise.data | |
| AWS IoT TwinMaker | com.amazonaws.region.iottwinmaker.api |
| com.amazonaws.region.iottwinmaker.data | |
| Amazon Kendra | com.amazonaws.region.kendra |
| aws.api.region.kendra-ranking | |
| AWS Key Management Service | com.amazonaws.region.kms |
com.amazonaws.region.kms-fips |
|
| Amazon Keyspaces (Apache Cassandra 向け) | com.amazonaws.region.cassandra |
| com.amazonaws.region.cassandra-fips | |
| Amazon Kinesis Data Firehose | com.amazonaws.region.kinesis-firehose |
| Amazon Kinesis Data Streams | com.amazonaws.region.kinesis-streams |
| AWS Lake Formation | com.amazonaws.region.lakeformation |
| AWS Lambda | com.amazonaws.region.lambda |
| Amazon Lex | com.amazonaws.region.models-v2-lex |
com.amazonaws.region.runtime-v2-lex |
|
| AWS License Manager | com.amazonaws.region.license-manager |
com.amazonaws.region.license-manager-fips |
|
| Amazon Lookout for Equipment | com.amazonaws.region.lookoutequipment |
| Amazon Lookout for Metrics | com.amazonaws.region.lookoutmetrics |
| Amazon Lookout for Vision | com.amazonaws.region.lookoutvision |
| Amazon Macie | com.amazonaws.region.macie2 |
| AWS Mainframe Modernization | com.amazonaws.region.m2 |
| Amazon Managed Blockchain | com.amazonaws.region.managedblockchain-query |
com.amazonaws.region.managedblockchain.bitcoin.mainnet |
|
com.amazonaws.region.managedblockchain.bitcoin.testnet |
|
| Amazon Managed Service for Prometheus | com.amazonaws.region.aps |
com.amazonaws.region.aps-workspaces |
|
| Amazon Managed Workflows for Apache Airflow | com.amazonaws.region.airflow.api |
com.amazonaws.region.airflow.env |
|
com.amazonaws.region.airflow.ops |
|
| AWS Management Console | com.amazonaws.region.console |
com.amazonaws.region.signin |
|
| Amazon MemoryDB for Redis | com.amazonaws.region.memory-db |
com.amazonaws.region.memorydb-fips |
|
| AWS Migration Hub Orchestrator | com.amazonaws.region.migrationhub-orchestrator |
| AWS Migration Hub Refactor Spaces | com.amazonaws.region.refactor-spaces |
| Migration Hub 戦略レコメンデーション | com.amazonaws.region.migrationhub-strategy |
| Amazon Nimble Studio | com.amazonaws.region.nimble |
| AWS HealthOmics | com.amazonaws.region.analytics-omics |
com.amazonaws.region.control-storage-omics |
|
com.amazonaws.region.storage-omics |
|
com.amazonaws.region.tags-omics |
|
com.amazonaws.region.workflows-omics |
|
| Amazon OpenSearch Service | これらのエンドポイントはサービス管理されています |
| AWS Panorama | com.amazonaws.region.panorama |
| AWS Payment Cryptography | com.amazonaws.region.payment-cryptography.controlplane |
com.amazonaws.region.payment-cryptography.dataplane |
|
| Amazon Personalize | com.amazonaws.region.personalize |
com.amazonaws.region.personalize-events |
|
com.amazonaws.region.personalize-runtime |
|
| Amazon Pinpoint | com.amazonaws.region.pinpoint |
com.amazonaws.region.pinpoint-sms-voice-v2 |
|
| Amazon Polly | com.amazonaws.region.polly |
| AWS Private 5G | com.amazonaws.region.private-networks |
| AWS Private Certificate Authority | com.amazonaws.region.acm-pca |
com.amazonaws.region.pca-connector-ad |
|
| AWS Proton | com.amazonaws.region.proton |
| Amazon QLDB | com.amazonaws.region.qldb.session |
| Amazon RDS | com.amazonaws.region.rds |
| Amazon RDS Data API | com.amazonaws.region.rds-data |
| Amazon Redshift | com.amazonaws.region.redshift |
com.amazonaws.region.redshift-fips |
|
| Amazon Redshift Data API | com.amazonaws.region.redshift-data |
| Amazon Rekognition | com.amazonaws.region.rekognition |
com.amazonaws.region.rekognition-fips |
|
com.amazonaws.region.streaming-rekognition |
|
com.amazonaws.region.streaming-rekognition-fips |
|
| AWS RoboMaker | com.amazonaws.region.robomaker |
| Amazon S3 | com.amazonaws.region.s3 |
| Amazon S3 マルチリージョンアクセスポイント | com.amazonaws.s3-global.accesspoint |
| Amazon S3 on Outposts | com.amazonaws.region.s3-outposts |
| Amazon SageMaker | aws.sagemaker.region.notebook |
| aws.sagemaker.region.studio | |
com.amazonaws.region.sagemaker.api |
|
com.amazonaws.region.sagemaker.featurestore-runtime |
|
com.amazonaws.region.sagemaker.metrics |
|
com.amazonaws.region.sagemaker.runtime |
|
com.amazonaws.region.sagemaker.runtime-fips |
|
| AWS Secrets Manager | com.amazonaws.region.secretsmanager |
| AWS Security Hub | com.amazonaws.region.securityhub |
| AWS Security Token Service | com.amazonaws.region.sts |
| Service Catalog | com.amazonaws.region.servicecatalog |
com.amazonaws.region.servicecatalog-appregistry |
|
| Amazon SES | com.amazonaws.region.email-smtp |
| AWS SimSpace Weaver | com.amazonaws.region.simspaceweaver |
| AWS Snow Device Management | com.amazonaws.region.snow-device-management |
| Amazon SNS | com.amazonaws.region.sns |
| Amazon SQS | com.amazonaws.region.sqs |
| Amazon SWF | com.amazonaws.region.swf |
com.amazonaws.region.swf-fips |
|
| AWS Step Functions | com.amazonaws.region.states |
com.amazonaws.region.sync-states |
|
| AWS Storage Gateway | com.amazonaws.region.storagegateway |
| AWS Systems Manager | com.amazonaws.region.ec2messages |
com.amazonaws.region.ssm |
|
com.amazonaws.region.ssm-contacts |
|
com.amazonaws.region.ssm-incidents |
|
com.amazonaws.region.ssmmessages |
|
| AWS 通信ネットワークビルダー | com.amazonaws.region.tnb |
| Amazon Textract | com.amazonaws.region.textract |
com.amazonaws.region.textract-fips |
|
| Amazon Timestream | com.amazonaws.region.timestream.ingest-cell |
com.amazonaws.region.timestream.query-cell |
|
| Amazon Transcribe | com.amazonaws.region.transcribe |
com.amazonaws.region.transcribestreaming |
|
| Amazon Transcribe Medical | com.amazonaws.region.transcribe |
com.amazonaws.region.transcribestreaming |
|
| AWS Transfer for SFTP | com.amazonaws.region.transfer |
com.amazonaws.region.transfer.server |
|
| Amazon Translate | com.amazonaws.region.translate |
| Amazon Verified Permissions | com.amazonaws.region.verifiedpermissions |
| Amazon VPC Lattice | com.amazonaws.region.vpc-lattice |
| Amazon WorkSpaces | com.amazonaws.region.workspaces |
| AWS X-Ray | com.amazonaws.region.xray |
使用可能な AWS のサービス の名前を表示する
describe-vpc-endpoint-services コマンドを使用して、VPC エンドポイントをサポートするサービス名を表示できます。
次に、指定したリージョン内のインターフェイスエンドポイントをサポートする AWS のサービス を表示する例を示します。--query オプションは、出力をサービス名に制限します
aws ec2 describe-vpc-endpoint-services \ --filters Name=service-type,Values=Interface Name=owner,Values=amazon \ --regionus-east-1\ --query ServiceNames
出力例を次に示します。
[
"aws.api.us-east-1.kendra-ranking",
"aws.sagemaker.us-east-1.notebook",
"aws.sagemaker.us-east-1.studio",
"com.amazonaws.s3-global.accesspoint",
"com.amazonaws.us-east-1.access-analyzer",
"com.amazonaws.us-east-1.account",
...
]サービスに関する情報を表示する
サービス名を取得したら、describe-vpc-endpoint-services コマンドを使用して、各エンドポイントサービスに関する詳細情報を表示できます。
次の例では、指定したリージョン内の Amazon CloudWatch インターフェイスエンドポイントに関する情報を表示します。
aws ec2 describe-vpc-endpoint-services \ --service-name "com.amazonaws.us-east-1.monitoring" \ --regionus-east-1
出力例を次に示します。VpcEndpointPolicySupported は、エンドポイントポリシーがサポートされているかどうかを示し、SupportedIpAddressTypes は、どの IP アドレスタイプがサポートされているかを示します。
{
"ServiceDetails": [
{
"ServiceName": "com.amazonaws.us-east-1.monitoring",
"ServiceId": "vpce-svc-0fc975f3e7e5beba4",
"ServiceType": [
{
"ServiceType": "Interface"
}
],
"AvailabilityZones": [
"us-east-1a",
"us-east-1b",
"us-east-1c",
"us-east-1d",
"us-east-1e",
"us-east-1f"
],
"Owner": "amazon",
"BaseEndpointDnsNames": [
"monitoring.us-east-1.vpce.amazonaws.com"
],
"PrivateDnsName": "monitoring.us-east-1.amazonaws.com",
"PrivateDnsNames": [
{
"PrivateDnsName": "monitoring.us-east-1.amazonaws.com"
}
],
"VpcEndpointPolicySupported": true,
"AcceptanceRequired": false,
"ManagesVpcEndpoints": false,
"Tags": [],
"PrivateDnsNameVerificationState": "verified",
"SupportedIpAddressTypes": [
"ipv4"
]
}
],
"ServiceNames": [
"com.amazonaws.us-east-1.monitoring"
]
}エンドポイントポリシーのサポートを表示する
サービスがエンドポイントポリシーをサポートしているかどうかを確認するには、describe-vpc-endpoint-services コマンドを呼び出して VpcEndpointPolicySupported の値をチェックします。指定できる値は true および false です。
次の例では、指定したサービスが指定したリージョン内のエンドポイントポリシーをサポートしているかどうかをチェックします。--query オプションは、出力を VpcEndpointPolicySupported の値に制限します。
aws ec2 describe-vpc-endpoint-services \ --service-name "com.amazonaws.us-east-1.s3" \ --regionus-east-1\ --query ServiceDetails[*].VpcEndpointPolicySupported \ --output text
以下は出力例です。
True次の例では、指定されたリージョンでエンドポイント ポリシーをサポートする AWS のサービス を一覧表示します。--query オプションは、出力をサービス名に制限します Windows コマンドプロンプトを使用してこのコマンドを実行するには、クエリ文字列を囲む一重引用符を削除し、行継続文字を \ から ^ に変更します。
aws ec2 describe-vpc-endpoint-services \ --filters Name=service-type,Values=Interface Name=owner,Values=amazon \ --regionus-east-1\ --query 'ServiceDetails[?VpcEndpointPolicySupported==`true`].ServiceName'
以下は出力例です。
[
"aws.api.us-east-1.kendra-ranking",
"aws.sagemaker.us-east-1.notebook",
"aws.sagemaker.us-east-1.studio",
"com.amazonaws.s3-global.accesspoint",
"com.amazonaws.us-east-1.access-analyzer",
"com.amazonaws.us-east-1.account",
...
]次の例では、指定されたリージョンでエンドポイントポリシーをサポートしていない AWS のサービス を一覧表示します。--query オプションは、出力をサービス名に制限します Windows コマンドプロンプトを使用してこのコマンドを実行するには、クエリ文字列を囲む一重引用符を削除し、行継続文字を \ から ^ に変更します。
aws ec2 describe-vpc-endpoint-services \ --filters Name=service-type,Values=Interface Name=owner,Values=amazon \ --regionus-east-1\ --query 'ServiceDetails[?VpcEndpointPolicySupported==`false`].ServiceName'
以下は出力例です。
[
"com.amazonaws.us-east-1.appmesh-envoy-management",
"com.amazonaws.us-east-1.apprunner.requests",
"com.amazonaws.us-east-1.appstream.api",
"com.amazonaws.us-east-1.appstream.streaming",
"com.amazonaws.us-east-1.awsconnector",
"com.amazonaws.us-east-1.cleanrooms",
"com.amazonaws.us-east-1.cloudtrail",
"com.amazonaws.us-east-1.codeguru-profiler",
"com.amazonaws.us-east-1.codeguru-reviewer",
"com.amazonaws.us-east-1.codepipeline",
"com.amazonaws.us-east-1.codewhisperer",
"com.amazonaws.us-east-1.datasync",
"com.amazonaws.us-east-1.datazone",
"com.amazonaws.us-east-1.deviceadvisor.iot",
"com.amazonaws.us-east-1.ebs",
"com.amazonaws.us-east-1.eks",
"com.amazonaws.us-east-1.elastic-inference.runtime",
"com.amazonaws.us-east-1.email-smtp",
"com.amazonaws.us-east-1.grafana-workspace",
"com.amazonaws.us-east-1.iot.data",
"com.amazonaws.us-east-1.iotwireless.api",
"com.amazonaws.us-east-1.lorawan.cups",
"com.amazonaws.us-east-1.lorawan.lns",
"com.amazonaws.us-east-1.macie2",
"com.amazonaws.us-east-1.nimble",
"com.amazonaws.us-east-1.redshift-data",
"com.amazonaws.us-east-1.refactor-spaces",
"com.amazonaws.us-east-1.sagemaker.runtime-fips",
"com.amazonaws.us-east-1.storagegateway",
"com.amazonaws.us-east-1.transfer",
"com.amazonaws.us-east-1.transfer.server",
"com.amazonaws.us-east-1.verifiedpermissions"
]IPv6 サポートを表示する
次の describe-vpc-endpoint-services コマンドを使用すると、指定したリージョンで IPv6 経由でアクセスできる AWS のサービス を表示できます。--query オプションは、出力をサービス名に制限します
aws ec2 describe-vpc-endpoint-services \ --filters Name=supported-ip-address-types,Values=ipv6 Name=owner,Values=amazon Name=service-type,Values=Interface \ --regionus-east-1\ --query ServiceNames
出力例を次に示します。
[
"aws.api.us-east-1.kendra-ranking",
"com.amazonaws.us-east-1.athena",
"com.amazonaws.us-east-1.data-servicediscovery",
"com.amazonaws.us-east-1.data-servicediscovery-fips",
"com.amazonaws.us-east-1.glue",
"com.amazonaws.us-east-1.lakeformation",
"com.amazonaws.us-east-1.servicediscovery",
"com.amazonaws.us-east-1.servicediscovery-fips"
]