AWS S3作为非结构化数据的存储,经常会有内网中的app调用的需求。S3默认是走公网访问的,如果内网app通过公网地址访问S3并获取数据会消耗公网带宽费用。如下图所示:
AWS 提供了一种叫做endpoints的资源,这种资源可以后挂S3服务,使得内网服务可以不出公网访问S3.
VPC endpoints for Amazon S3 simplify access to S3 from within a VPC by providing configurable and highly reliable secure connections to S3 that do not require an internet gateway or Network Address Translation (NAT) device. When you create a S3 VPC endpoint, you can attach an endpoint policy to it that controls access to Amazon S3.
创建endpoints时,如果是S3,需选择gateway类型。
There are three types of VPC endpoints – Interface endpoints, Gateway Load Balancer endpoints, and Gateway endpoints. Interface endpoints and Gateway Load Balancer endpoints are powered by AWS PrivateLink, and use an Elastic Network Interface (ENI) as an entry point for traffic destined to the service. Interface endpoints are typically accessed using the public or private DNS name associated with the service, while Gateway endpoints and Gateway Load Balancer endpoints serve as a target for a route in your route table for traffic destined for the service.文章来源:https://www.toymoban.com/news/detail-771886.html
创建完成后(按需配置VPC,route table等),即可使用https://{{bucket-name}}.s3.ap-southeast-1.amazonaws.com通过aws内网(骨干网)访问S3了。
图片参考:https://www.youtube.com/watch?v=jo3X_aay4Vs文章来源地址https://www.toymoban.com/news/detail-771886.html
到了这里,关于通过AWS Endpoints从内网访问S3的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!