Amazon Virtual Private Cloud
User Guide

Example: Service Consumer Configures Access

Consider the following example, where a service runs on instances in Provider VPC. Resources that are in Consumer VPC 3 can directly access the service through an AWS PrivateLink VPC endpoint service in Consumer VPC 3.

To allow resources that are in Consumer VPC 1 to privately access the service, the service consumer must complete the following steps:

  1. Create Consumer VPC 2.

  2. Create a VPC endpoint that spans one or more subnets in Consumer VPC 2.

  3. Adjust the security groups associated with the VPC endpoint service in Consumer VPC 2 to allow traffic from the instances in Consumer VPC 1. Adjust the security groups associated with the instances in Consumer VPC 1 to allow traffic to the VPC endpoint service in Consumer VPC 2.

  4. Configure VPC peering between Consumer VPC 1 and Consumer VPC 2 so that traffic is routed between the two VPCs.
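
The following check is an added example, not part of the original guide or AWS tooling: it verifies steps 3 and 4 offline against data shaped like the EC2 `IpPermissions` and route-table `Routes` structures, and also flags an endpoint security group left open to `0.0.0.0/0`. The function names, the `cfg` layout, the CIDR ranges, the `pcx-EXAMPLE` ID, and the service port (TCP 443) are assumptions; only IPv4 CIDR rules are evaluated.

```python
import ipaddress

def _covers(outer, inner):
    """True if IPv4 network `outer` contains all of network `inner`."""
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))

def _allows(perm, cidr, port):
    """True if one IpPermissions entry permits TCP `port` for every address in `cidr`."""
    proto = perm["IpProtocol"]
    port_ok = proto == "-1" or (proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"])
    return port_ok and any(_covers(r["CidrIp"], cidr) for r in perm.get("IpRanges", []))

def _routed(routes, cidr, pcx):
    """True if a route sends all of `cidr` to peering connection `pcx`."""
    return any(r.get("VpcPeeringConnectionId") == pcx and "DestinationCidrBlock" in r
               and _covers(r["DestinationCidrBlock"], cidr) for r in routes)

def check_consumer_path(cfg, port=443):
    """Return findings for steps 3 and 4; an empty list means the path is open and scoped."""
    src, dst, pcx = cfg["instance_cidr"], cfg["endpoint_cidr"], cfg["pcx_id"]
    ingress = cfg["endpoint_sg"]["IpPermissions"]
    findings = []
    if not any(_allows(p, src, port) for p in ingress):
        findings.append("endpoint-sg-blocks-vpc1")
    if any(r["CidrIp"] == "0.0.0.0/0" for p in ingress for r in p.get("IpRanges", [])):
        findings.append("endpoint-sg-open-to-world")
    if not any(_allows(p, dst, port) for p in cfg["instance_sg"]["IpPermissionsEgress"]):
        findings.append("instance-sg-blocks-endpoint")
    if not _routed(cfg["vpc1_routes"], dst, pcx):
        findings.append("vpc1-no-peering-route")
    if not _routed(cfg["vpc2_routes"], src, pcx):
        findings.append("vpc2-no-return-route")
    return findings

def tcp(port, cidr):
    """Build one rule in the IpPermissions shape (helper for the constructed samples)."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port, "IpRanges": [{"CidrIp": cidr}]}

# Constructed sample: Consumer VPC 1 instances in 10.1.0.0/24, endpoint subnets in 10.2.0.0/24.
GOOD = {
    "instance_cidr": "10.1.0.0/24", "endpoint_cidr": "10.2.0.0/24", "pcx_id": "pcx-EXAMPLE",
    "endpoint_sg": {"IpPermissions": [tcp(443, "10.1.0.0/24")]},
    "instance_sg": {"IpPermissionsEgress": [tcp(443, "10.2.0.0/16")]},
    "vpc1_routes": [{"DestinationCidrBlock": "10.2.0.0/16", "VpcPeeringConnectionId": "pcx-EXAMPLE"}],
    "vpc2_routes": [{"DestinationCidrBlock": "10.1.0.0/16", "VpcPeeringConnectionId": "pcx-EXAMPLE"}],
}
# Same sample with the endpoint opened to any source and the return route missing.
BAD = dict(GOOD, endpoint_sg={"IpPermissions": [tcp(443, "0.0.0.0/0")]}, vpc2_routes=[])

if __name__ == "__main__":
    print(check_consumer_path(GOOD), check_consumer_path(BAD))
```

The check treats any covering route to the peering connection as sufficient and does not model longest-prefix precedence or network ACLs.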