Does the AmazonS3 class from the AWS JavaSDK use the public internet to upload a file to an s3 bucket?


I am building a spring boot application that can upload images to an s3 bucket. When its finished it will run on an EC2 instance that is in the same region as my s3 buckets.

The sping boot application is using the AWS sdk for java to connect to and upload files to s3. The s3Client class that does the uploading is instantiated in the following way:

public AmazonS3 s3client() {
    BasicAWSCredentials awsCreds = new BasicAWSCredentials(awsId, awsKey);
    AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
            .withCredentials(new AWSStaticCredentialsProvider(awsCreds))
            new ClientConfiguration()
    return s3Client;

When I upload a file from localhost it must go through the public internet. But i want the s3Client to use the internal network of the AWS region once the application is running on EC2, simply because its a lot faster. My question is: Will the s3Client do this by default or do i need to configure it to use the internal network? If so, how do i do that?


1 Answer
Accepted Answer

Whether AWS API calls go via public internet or not is determined by your VPC networking setup - specifically VPC Endpoints. For the S3 service you can have either a Gateway or Interface VPC Endpoint. Generally a Gateway one is the way to go unless you need access to the endpoint from on-prem. So if your VPC is set up with an S3 Gateway VPC Endpoint and you have the appropriate route in your route tables, then any AWS API calls to S3 from your EC2 instance will stay on the AWS network.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions