AWS PrivateLink - Amazon Virtual Private Cloud Connectivity Options

AWS PrivateLink

AWS PrivateLink enables you to connect to some AWS services, services hosted by other AWS accounts (referred to as endpoint services), and supported AWS Marketplace partner services, via private IP addresses in your VPC. The interface endpoints are created directly inside your VPC, using elastic network interfaces and IP addresses in your VPC’s subnets. Because each endpoint is an elastic network interface in your VPC, VPC security groups can be used to manage access to the endpoints.

Figure 19 - AWS PrivateLink

We recommend this approach if you want to use services offered by another VPC securely within the AWS network, with all network traffic staying on the global AWS backbone and never traversing the public internet.
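Because interface endpoints carry security groups, those rules can be audited like any other ingress path. The Python below is an added example, not code from the AWS documentation: it flags interface endpoints whose security groups admit sources outside the VPC. It assumes the service listens on TCP 443 and that only clients inside the VPC's own CIDR should reach the endpoint; the dictionaries mirror fields of the EC2 DescribeVpcEndpoints and DescribeSecurityGroups responses, and all IDs and CIDRs are constructed.

```python
import ipaddress

# Constructed sample data, shaped like the EC2 DescribeVpcEndpoints and
# DescribeSecurityGroups responses (all IDs and CIDRs are made up).
VPC_CIDRS = {"vpc-0example": ["10.0.0.0/16"]}
ENDPOINTS = [
    {"VpcEndpointId": "vpce-0aaa", "VpcEndpointType": "Interface",
     "VpcId": "vpc-0example", "Groups": [{"GroupId": "sg-0tight"}]},
    {"VpcEndpointId": "vpce-0bbb", "VpcEndpointType": "Interface",
     "VpcId": "vpc-0example", "Groups": [{"GroupId": "sg-0open"}]},
    {"VpcEndpointId": "vpce-0ccc", "VpcEndpointType": "Gateway",
     "VpcId": "vpc-0example", "Groups": []},
]
SECURITY_GROUPS = {
    "sg-0tight": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                   "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}],
    "sg-0open": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}


def covers_https(perm):
    """True if the rule admits TCP 443 (protocol -1 means all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= 443 <= perm.get("ToPort", 65535))


def audit_interface_endpoints(endpoints, sg_rules, vpc_cidrs):
    """Return (endpoint, group, cidr) for rules reachable from outside the VPC."""
    findings = []
    for ep in endpoints:
        if ep["VpcEndpointType"] != "Interface":
            continue  # gateway endpoints have no ENI or security group
        inside = [ipaddress.ip_network(c) for c in vpc_cidrs[ep["VpcId"]]]
        for group in ep["Groups"]:
            for perm in sg_rules[group["GroupId"]]:
                if not covers_https(perm):
                    continue
                for rng in perm.get("IpRanges", []):
                    src = ipaddress.ip_network(rng["CidrIp"])
                    if not any(src.subnet_of(net) for net in inside):
                        findings.append(
                            (ep["VpcEndpointId"], group["GroupId"], rng["CidrIp"]))
    return findings


if __name__ == "__main__":
    print(audit_interface_endpoints(ENDPOINTS, SECURITY_GROUPS, VPC_CIDRS))
```

Sources that legitimately sit outside the VPC, such as a peered VPC or an on-premises range, would be flagged by this check; add their CIDRs to the allowed list for that VPC if they are expected.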

Additional resources