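AWS services that integrate with AWS PrivateLink
The following AWS services integrate with AWS PrivateLink. You can create a VPC endpoint to connect to these services privately, as if they were running in your own VPC.
Choose the link in the AWS service column to see the documentation for services that integrate with AWS PrivateLink. The Service name column contains the service name that you specify when you create the interface VPC endpoint, or it indicates that the service manages the endpoint.
AWS service | Service name |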
---|---|
Access Analyzer | com.amazonaws.region.access-analyzer |
AWS Account Management | com.amazonaws.region.account |
Amazon API Gateway | com.amazonaws.region.execute-api |
AWS App Mesh | com.amazonaws.region.appmesh |
AWS App Mesh | com.amazonaws.region.appmesh-envoy-management |
AWS App Runner | com.amazonaws.region.apprunner |
AWS App Runner services | com.amazonaws.region.apprunner.requests |
Application Auto Scaling | com.amazonaws.region.application-autoscaling |
AWS Application Migration Service | com.amazonaws.region.mgn |
Amazon AppStream 2.0 | com.amazonaws.region.appstream.api |
Amazon AppStream 2.0 | com.amazonaws.region.appstream.streaming |
AWS AppSync | com.amazonaws.region.appsync-api |
Amazon Athena | com.amazonaws.region.athena |
AWS Audit Manager | com.amazonaws.region.auditmanager |
Amazon Aurora | com.amazonaws.region.rds |
AWS Auto Scaling | com.amazonaws.region.autoscaling-plans |
AWS Backup | com.amazonaws.region.backup |
AWS Backup | com.amazonaws.region.backup-gateway |
AWS Batch | com.amazonaws.region.batch |
AWS Billing Conductor | com.amazonaws.region.billingconductor |
Amazon Braket | com.amazonaws.region.braket |
AWS Clean Rooms | com.amazonaws.region.cleanrooms |
AWS Cloud Control API | com.amazonaws.region.cloudcontrolapi |
AWS Cloud Control API | com.amazonaws.region.cloudcontrolapi-fips |
Amazon Cloud Directory | com.amazonaws.region.clouddirectory |
AWS CloudFormation | com.amazonaws.region.cloudformation |
AWS CloudHSM | com.amazonaws.region.cloudhsmv2 |
AWS CloudTrail | com.amazonaws.region.cloudtrail |
Amazon CloudWatch | com.amazonaws.region.evidently |
Amazon CloudWatch | com.amazonaws.region.evidently-dataplane |
Amazon CloudWatch | com.amazonaws.region.monitoring |
Amazon CloudWatch | com.amazonaws.region.rum |
Amazon CloudWatch | com.amazonaws.region.rum-dataplane |
Amazon CloudWatch | com.amazonaws.region.synthetics |
Amazon CloudWatch Events | com.amazonaws.region.events |
Amazon CloudWatch Logs | com.amazonaws.region.logs |
AWS CodeArtifact | com.amazonaws.region.codeartifact.api |
AWS CodeArtifact | com.amazonaws.region.codeartifact.repositories |
AWS CodeBuild | com.amazonaws.region.codebuild |
AWS CodeBuild | com.amazonaws.region.codebuild-fips |
AWS CodeCommit | com.amazonaws.region.codecommit |
AWS CodeCommit | com.amazonaws.region.codecommit-fips |
AWS CodeCommit | com.amazonaws.region.git-codecommit |
AWS CodeCommit | com.amazonaws.region.git-codecommit-fips |
AWS CodeDeploy | com.amazonaws.region.codedeploy |
AWS CodeDeploy | com.amazonaws.region.codedeploy-commands-secure |
Amazon CodeGuru Profiler | com.amazonaws.region.codeguru-profiler |
Amazon CodeGuru Reviewer | com.amazonaws.region.codeguru-reviewer |
AWS CodePipeline | com.amazonaws.region.codepipeline |
AWS CodeStar Connections | com.amazonaws.region.codestar-connections.api |
Amazon Comprehend | com.amazonaws.region.comprehend |
Amazon Comprehend Medical | com.amazonaws.region.comprehendmedical |
AWS Config | com.amazonaws.region.config |
Amazon Connect | com.amazonaws.region.app-integrations |
Amazon Connect | com.amazonaws.region.cases |
Amazon Connect | com.amazonaws.region.connect-campaigns |
Amazon Connect | com.amazonaws.region.profile |
Amazon Connect | com.amazonaws.region.voiceid |
Amazon Connect | com.amazonaws.region.wisdom |
AWS Data Exchange | com.amazonaws.region.dataexchange |
AWS Database Migration Service | com.amazonaws.region.dms |
AWS Database Migration Service | com.amazonaws.region.dms-fips |
AWS DataSync | com.amazonaws.region.datasync |
Amazon DevOps Guru | com.amazonaws.region.devops-guru |
AWS Directory Service | com.amazonaws.region.ds |
Amazon EBS direct APIs | com.amazonaws.region.ebs |
Amazon EC2 | com.amazonaws.region.ec2 |
Amazon EC2 Auto Scaling | com.amazonaws.region.autoscaling |
EC2 Image Builder | com.amazonaws.region.imagebuilder |
Amazon ECR | com.amazonaws.region.ecr.api |
Amazon ECR | com.amazonaws.region.ecr.dkr |
Amazon ECS | com.amazonaws.region.ecs |
Amazon ECS | com.amazonaws.region.ecs-agent |
Amazon ECS | com.amazonaws.region.ecs-telemetry |
Amazon EKS | com.amazonaws.region.eks |
AWS Elastic Beanstalk | com.amazonaws.region.elasticbeanstalk |
AWS Elastic Beanstalk | com.amazonaws.region.elasticbeanstalk-health |
AWS Elastic Disaster Recovery | com.amazonaws.region.drs |
Amazon Elastic File System | com.amazonaws.region.elasticfilesystem |
Amazon Elastic File System | com.amazonaws.region.elasticfilesystem-fips |
Amazon Elastic Inference | com.amazonaws.region.elastic-inference.runtime |
Elastic Load Balancing | com.amazonaws.region.elasticloadbalancing |
Amazon ElastiCache | com.amazonaws.region.elasticache |
Amazon ElastiCache | com.amazonaws.region.elasticache-fips |
Amazon EMR | com.amazonaws.region.elasticmapreduce |
Amazon EMR on EKS | com.amazonaws.region.emr-containers |
Amazon EMR Serverless | com.amazonaws.region.emr-serverless |
Amazon EventBridge | com.amazonaws.region.events |
AWS Fault Injection Simulator | com.amazonaws.region.fis |
Amazon FinSpace | com.amazonaws.region.finspace |
Amazon FinSpace | com.amazonaws.region.finspace-api |
Amazon Forecast | com.amazonaws.region.forecast |
Amazon Forecast | com.amazonaws.region.forecastquery |
Amazon Forecast | com.amazonaws.region.forecast-fips |
Amazon Forecast | com.amazonaws.region.forecastquery-fips |
Amazon Fraud Detector | com.amazonaws.region.frauddetector |
Amazon FSx | com.amazonaws.region.fsx |
Amazon FSx | com.amazonaws.region.fsx-fips |
AWS Glue | com.amazonaws.region.glue |
AWS Glue DataBrew | com.amazonaws.region.databrew |
Amazon Managed Grafana | com.amazonaws.region.grafana |
Amazon Managed Grafana | com.amazonaws.region.grafana-workspace |
AWS Ground Station | com.amazonaws.region.groundstation |
Amazon GuardDuty | com.amazonaws.region.guardduty-data |
Amazon GuardDuty | com.amazonaws.region.guardduty-data-fips |
Amazon HealthLake | com.amazonaws.region.healthlake |
IAM Identity Center | com.amazonaws.region.identitystore |
IAM Roles Anywhere | com.amazonaws.region.rolesanywhere |
Amazon Inspector | com.amazonaws.region.inspector2 |
AWS IoT Core | com.amazonaws.region.iot.data |
AWS IoT Core Device Advisor | com.amazonaws.region.deviceadvisor.iot |
AWS IoT Core for LoRaWAN | com.amazonaws.region.iotwireless.api |
AWS IoT Core for LoRaWAN | com.amazonaws.region.lorawan.cups |
AWS IoT Core for LoRaWAN | com.amazonaws.region.lorawan.lns |
AWS IoT Greengrass | com.amazonaws.region.greengrass |
AWS IoT RoboRunner | com.amazonaws.region.iotroborunner |
AWS IoT SiteWise | com.amazonaws.region.iotsitewise.api |
AWS IoT SiteWise | com.amazonaws.region.iotsitewise.data |
AWS IoT TwinMaker | com.amazonaws.region.iottwinmaker.api |
AWS IoT TwinMaker | com.amazonaws.region.iottwinmaker.data |
Amazon Kendra | com.amazonaws.region.kendra |
Amazon Kendra | aws.api.region.kendra-ranking |
AWS Key Management Service | com.amazonaws.region.kms |
AWS Key Management Service | com.amazonaws.region.kms-fips |
Amazon Keyspaces (for Apache Cassandra) | com.amazonaws.region.cassandra |
Amazon Keyspaces (for Apache Cassandra) | com.amazonaws.region.cassandra-fips |
Amazon Kinesis Data Firehose | com.amazonaws.region.kinesis-firehose |
Amazon Kinesis Data Streams | com.amazonaws.region.kinesis-streams |
AWS Lake Formation | com.amazonaws.region.lakeformation |
AWS Lambda | com.amazonaws.region.lambda |
Amazon Lex | com.amazonaws.region.models-v2-lex |
Amazon Lex | com.amazonaws.region.runtime-v2-lex |
AWS License Manager | com.amazonaws.region.license-manager |
AWS License Manager | com.amazonaws.region.license-manager-fips |
Amazon Lookout for Equipment | com.amazonaws.region.lookoutequipment |
Amazon Lookout for Metrics | com.amazonaws.region.lookoutmetrics |
Amazon Lookout for Vision | com.amazonaws.region.lookoutvision |
Amazon Macie | com.amazonaws.region.macie2 |
AWS Mainframe Modernization | com.amazonaws.region.m2 |
Amazon Managed Service for Prometheus | com.amazonaws.region.aps |
Amazon Managed Service for Prometheus | com.amazonaws.region.aps-workspaces |
Amazon Managed Workflows for Apache Airflow | com.amazonaws.region.airflow.api |
Amazon Managed Workflows for Apache Airflow | com.amazonaws.region.airflow.env |
Amazon Managed Workflows for Apache Airflow | com.amazonaws.region.airflow.ops |
AWS Management Console | com.amazonaws.region.console |
AWS Management Console | com.amazonaws.region.signin |
Amazon MemoryDB for Redis | com.amazonaws.region.memory-db |
Amazon MemoryDB for Redis | com.amazonaws.region.memorydb-fips |
AWS Migration Hub Orchestrator | com.amazonaws.region.migrationhub-orchestrator |
AWS Migration Hub Refactor Spaces | com.amazonaws.region.refactor-spaces |
Migration Hub Strategy Recommendations | com.amazonaws.region.migrationhub-strategy |
Amazon Nimble Studio | com.amazonaws.region.nimble |
Amazon Omics | com.amazonaws.region.analytics-omics |
Amazon Omics | com.amazonaws.region.control-storage-omics |
Amazon Omics | com.amazonaws.region.storage-omics |
Amazon Omics | com.amazonaws.region.tags-omics |
Amazon Omics | com.amazonaws.region.workflows-omics |
Amazon OpenSearch Service | These endpoints are service managed |
AWS Panorama | com.amazonaws.region.panorama |
Amazon Pinpoint | com.amazonaws.region.pinpoint |
Amazon Pinpoint | com.amazonaws.region.pinpoint-sms-voice-v2 |
Amazon Polly | com.amazonaws.region.polly |
AWS Private 5G | com.amazonaws.region.private-networks |
AWS Private Certificate Authority | com.amazonaws.region.acm-pca |
AWS Proton | com.amazonaws.region.proton |
Amazon QLDB | com.amazonaws.region.qldb.session |
Amazon RDS | com.amazonaws.region.rds |
Amazon RDS Data API | com.amazonaws.region.rds-data |
Amazon Redshift | com.amazonaws.region.redshift |
Amazon Redshift | com.amazonaws.region.redshift-fips |
Amazon Redshift Data API | com.amazonaws.region.redshift-data |
Amazon Rekognition | com.amazonaws.region.rekognition |
Amazon Rekognition | com.amazonaws.region.rekognition-fips |
Amazon Rekognition | com.amazonaws.region.streaming-rekognition |
Amazon Rekognition | com.amazonaws.region.streaming-rekognition-fips |
AWS RoboMaker | com.amazonaws.region.robomaker |
Simple Storage Service (Amazon S3) | com.amazonaws.region.s3 |
Amazon S3 Multi-Region Access Points | com.amazonaws.s3-global.accesspoint |
Amazon S3 on Outposts | com.amazonaws.region.s3-outposts |
Amazon SageMaker | aws.sagemaker.region.notebook |
Amazon SageMaker | aws.sagemaker.region.studio |
Amazon SageMaker | com.amazonaws.region.sagemaker.api |
Amazon SageMaker | com.amazonaws.region.sagemaker.featurestore-runtime |
Amazon SageMaker | com.amazonaws.region.sagemaker.metrics |
Amazon SageMaker | com.amazonaws.region.sagemaker.runtime |
Amazon SageMaker | com.amazonaws.region.sagemaker.runtime-fips |
AWS Secrets Manager | com.amazonaws.region.secretsmanager |
AWS Security Hub | com.amazonaws.region.securityhub |
AWS Security Token Service | com.amazonaws.region.sts |
Service Catalog | com.amazonaws.region.servicecatalog |
Service Catalog | com.amazonaws.region.servicecatalog-appregistry |
Amazon SES | com.amazonaws.region.email-smtp |
AWS SimSpace Weaver | com.amazonaws.region.simspaceweaver |
AWS Snow Device Management | com.amazonaws.region.snow-device-management |
Amazon SNS | com.amazonaws.region.sns |
Amazon SQS | com.amazonaws.region.sqs |
Amazon SWF | com.amazonaws.region.swf |
Amazon SWF | com.amazonaws.region.swf-fips |
AWS Step Functions | com.amazonaws.region.states |
AWS Step Functions | com.amazonaws.region.sync-states |
AWS Storage Gateway | com.amazonaws.region.storagegateway |
AWS Systems Manager | com.amazonaws.region.ec2messages |
AWS Systems Manager | com.amazonaws.region.ssm |
AWS Systems Manager | com.amazonaws.region.ssm-contacts |
AWS Systems Manager | com.amazonaws.region.ssm-incidents |
AWS Systems Manager | com.amazonaws.region.ssmmessages |
AWS Telco Network Builder | com.amazonaws.region.tnb |
Amazon Textract | com.amazonaws.region.textract |
Amazon Textract | com.amazonaws.region.textract-fips |
Amazon Transcribe | com.amazonaws.region.transcribe |
Amazon Transcribe | com.amazonaws.region.transcribestreaming |
Amazon Transcribe Medical | com.amazonaws.region.transcribe |
Amazon Transcribe Medical | com.amazonaws.region.transcribestreaming |
AWS Transfer for SFTP | com.amazonaws.region.transfer |
AWS Transfer for SFTP | com.amazonaws.region.transfer.server |
Amazon Translate | com.amazonaws.region.translate |
Amazon VPC Lattice | com.amazonaws.region.vpc-lattice |
Amazon WorkSpaces | com.amazonaws.region.workspaces |
AWS X-Ray | com.amazonaws.region.xray |
View available AWS service names
You can use the describe-vpc-endpoint-services command to view the service names that support VPC endpoints.
The following example displays the AWS services that support interface endpoints in the specified Region. The --query option limits the output to the service names.
aws ec2 describe-vpc-endpoint-services \
  --filters Name=service-type,Values=Interface Name=owner,Values=amazon \
  --region us-east-1 \
  --query ServiceNames
The following is example output.
[
"aws.sagemaker.us-east-1.notebook",
"aws.sagemaker.us-east-1.studio",
"com.amazonaws.s3-global.accesspoint",
"com.amazonaws.us-east-1.access-analyzer",
"com.amazonaws.us-east-1.account",
...
]
View information about a service
After you have the service name, you can use the describe-vpc-endpoint-services command to view detailed information about each endpoint service.
The following example displays information about the Amazon CloudWatch interface endpoint in the specified Region.
aws ec2 describe-vpc-endpoint-services \
  --service-names "com.amazonaws.us-east-1.monitoring" \
  --region us-east-1
The following is example output. VpcEndpointPolicySupported indicates whether endpoint policies are supported, and SupportedIpAddressTypes indicates which IP address types are supported.
{
    "ServiceDetails": [
        {
            "ServiceName": "com.amazonaws.us-east-1.monitoring",
            "ServiceId": "vpce-svc-0fc975f3e7e5beba4",
            "ServiceType": [
                {
                    "ServiceType": "Interface"
                }
            ],
            "AvailabilityZones": [
                "us-east-1a",
                "us-east-1b",
                "us-east-1c",
                "us-east-1d",
                "us-east-1e",
                "us-east-1f"
            ],
            "Owner": "amazon",
            "BaseEndpointDnsNames": [
                "monitoring.us-east-1.vpce.amazonaws.com"
            ],
            "PrivateDnsName": "monitoring.us-east-1.amazonaws.com",
            "PrivateDnsNames": [
                {
                    "PrivateDnsName": "monitoring.us-east-1.amazonaws.com"
                }
            ],
            "VpcEndpointPolicySupported": true,
            "AcceptanceRequired": false,
            "ManagesVpcEndpoints": false,
            "Tags": [],
            "PrivateDnsNameVerificationState": "verified",
            "SupportedIpAddressTypes": [
                "ipv4"
            ]
        }
    ],
    "ServiceNames": [
        "com.amazonaws.us-east-1.monitoring"
    ]
}
View endpoint policy support
To verify whether a service supports endpoint policies, call the describe-vpc-endpoint-services command and check the value of VpcEndpointPolicySupported. The possible values are true and false.
The following example checks whether the specified service supports endpoint policies in the specified Region. The --query option limits the output to the value of VpcEndpointPolicySupported.
aws ec2 describe-vpc-endpoint-services \
  --service-names "com.amazonaws.us-east-1.s3" \
  --region us-east-1 \
  --query 'ServiceDetails[*].VpcEndpointPolicySupported' \
  --output text
The following is example output.
True
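The following example lists the services that support endpoint policies in the specified Region. The --query option limits the output to the service names. To run this command using the Windows command prompt, remove the single quotes around the query string, and change the line continuation character from \ to ^.
aws ec2 describe-vpc-endpoint-services \
  --region us-east-1 \
  --query 'ServiceDetails[?VpcEndpointPolicySupported==`true`].ServiceName'
The following is example output.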
[
"aws.sagemaker.us-east-1.notebook",
"aws.sagemaker.us-east-1.studio",
"com.amazonaws.s3-global.accesspoint",
"com.amazonaws.us-east-1.access-analyzer",
"com.amazonaws.us-east-1.account",
...
]
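The following example lists the services that do not support endpoint policies in the specified Region. The --query option limits the output to the service names. To run this command using the Windows command prompt, remove the single quotes around the query string, and change the line continuation character from \ to ^.
aws ec2 describe-vpc-endpoint-services \
  --region us-east-1 \
  --query 'ServiceDetails[?VpcEndpointPolicySupported==`false`].ServiceName'
The following is example output.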
[
"com.amazonaws.us-east-1.appmesh-envoy-management",
"com.amazonaws.us-east-1.apprunner.requests",
"com.amazonaws.us-east-1.appstream.api",
"com.amazonaws.us-east-1.appstream.streaming",
"com.amazonaws.us-east-1.awsconnector",
"com.amazonaws.us-east-1.cleanrooms",
"com.amazonaws.us-east-1.cloudtrail",
"com.amazonaws.us-east-1.codeguru-profiler",
"com.amazonaws.us-east-1.codeguru-reviewer",
"com.amazonaws.us-east-1.codepipeline",
"com.amazonaws.us-east-1.datasync",
"com.amazonaws.us-east-1.deviceadvisor.iot",
"com.amazonaws.us-east-1.ebs",
"com.amazonaws.us-east-1.eks",
"com.amazonaws.us-east-1.elastic-inference.runtime",
"com.amazonaws.us-east-1.email-smtp",
"com.amazonaws.us-east-1.grafana-workspace",
"com.amazonaws.us-east-1.iot.data",
"com.amazonaws.us-east-1.iotwireless.api",
"com.amazonaws.us-east-1.lorawan.cups",
"com.amazonaws.us-east-1.lorawan.lns",
"com.amazonaws.us-east-1.macie2",
"com.amazonaws.us-east-1.redshift-data",
"com.amazonaws.us-east-1.refactor-spaces",
"com.amazonaws.us-east-1.sagemaker.runtime-fips",
"com.amazonaws.us-east-1.storagegateway",
"com.amazonaws.us-east-1.transfer",
"com.amazonaws.us-east-1.transfer.server"
]
View IPv6 support
You can use the following describe-vpc-endpoint-services command to view the AWS services that you can access over IPv6 in the specified Region. The --query option limits the output to the service names.
aws ec2 describe-vpc-endpoint-services \
  --filters Name=supported-ip-address-types,Values=ipv6 Name=owner,Values=amazon \
  --region us-east-1 \
  --query ServiceNames
The following is example output.
[
"aws.api.us-east-1.kendra-ranking",
"com.amazonaws.us-east-1.athena"
]
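The endpoint policy and IP address type checks above can be run in one pass over the services a VPC design depends on, so that endpoints whose traffic cannot be restricted by an endpoint policy are identified before they are created. The following Python code is an added example, not part of the AWS documentation: it expands the `region` placeholder used in the table and reads the fields shown in the describe-vpc-endpoint-services output. The sample JSON is constructed, and `regional_name`, `audit`, and `com.amazonaws.region.example-placeholder` are hypothetical names.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpc-endpoint-services`
# output; only the fields read below are included.
SAMPLE_OUTPUT = json.loads("""
{"ServiceDetails": [
 {"ServiceName": "com.amazonaws.us-east-1.monitoring",
  "VpcEndpointPolicySupported": true, "SupportedIpAddressTypes": ["ipv4"]},
 {"ServiceName": "com.amazonaws.us-east-1.cloudtrail",
  "VpcEndpointPolicySupported": false, "SupportedIpAddressTypes": ["ipv4"]},
 {"ServiceName": "com.amazonaws.s3-global.accesspoint",
  "VpcEndpointPolicySupported": true, "SupportedIpAddressTypes": ["ipv4"]},
 {"ServiceName": "aws.api.us-east-1.kendra-ranking",
  "VpcEndpointPolicySupported": true,
  "SupportedIpAddressTypes": ["ipv4", "ipv6"]}
]}
""")

def regional_name(template, region):
    """Expand a table entry (com.amazonaws.region.kms) for one Region."""
    # Replace only a label that is exactly "region": names without one
    # (com.amazonaws.s3-global.accesspoint) come back unchanged, and
    # prefixes such as aws.api. or aws.sagemaker. need no special case.
    return ".".join(region if part == "region" else part
                    for part in template.split("."))

def audit(templates, region, output):
    """Map each required endpoint service to a review finding."""
    offered = {d["ServiceName"]: d for d in output["ServiceDetails"]}
    findings = {}
    for template in templates:
        name = regional_name(template, region)
        detail = offered.get(name)
        if detail is None:
            findings[name] = "not in describe output for this Region"
        elif not detail.get("VpcEndpointPolicySupported", False):
            findings[name] = "no endpoint policy support"
        else:
            ip_types = ", ".join(sorted(detail["SupportedIpAddressTypes"]))
            findings[name] = f"endpoint policy supported; {ip_types}"
    return findings

if __name__ == "__main__":
    wanted = ["com.amazonaws.region.monitoring",
              "com.amazonaws.region.cloudtrail",
              "com.amazonaws.s3-global.accesspoint",
              "aws.api.region.kendra-ranking",
              "com.amazonaws.region.example-placeholder"]  # hypothetical name
    for name, finding in audit(wanted, "us-east-1", SAMPLE_OUTPUT).items():
        print(f"{name}: {finding}")
```

To review a real Region, replace SAMPLE_OUTPUT with the parsed JSON from describe-vpc-endpoint-services run without a --query option.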