You are receiving the above because, unfortunately, the Interface Endpoints for S3 don't support Private DNS [1]. This feature is enabled by default in the creation settings. If your intentions are to access S3 from on premises or another region, a slight change needs to be made in the creation process. Please see the below steps in order to successfully create your S3 interface endpoint [2]:
================= S3 Interface endpoint
- Return to your VPC
- Select > Endpoints, Create Endpoint.
- Select > AWS service name (S3), Type (Interface)
- After making your VPC selection > there is a drop down "Additional settings" > deselect "Enable DNS name" (Selected by Default)
- Select > your Subnet/s and continue as normal to complete the endpoint.
*Note: S3 interfaces use public, interface-specific Regional and Zonal DNS names that are created when you make an S3 interface endpoint. These DNS names are resolved to the private IPs of your respective subnet ENIs within your VPC, which can be accessed securely within the AWS network via these private IPs. There is no need to configure a DNS resolver. I have also listed a link that elaborates on the comparison of S3 interface and gateway endpoints [3].
[1] Private DNS for interface endpoints https://docs.aws.amazon.com/vpc/latest/privatelink/vpce-interface.html#vpce-private-dns
[2] Creating an Interface Endpoint https://docs.aws.amazon.com/vpc/latest/privatelink/vpce-interface.html#create-interface-endpoint
[3] S3 Endpoint comparison https://docs.aws.amazon.com/AmazonS3/latest/userguide/privatelink-interface-endpoints.html#types-of-vpc-endpoints-for-s3
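
The console steps above expressed with the AWS CLI, followed by the step the note implies: with private DNS off, clients must be pointed at the endpoint-specific DNS name explicitly. This is an added example, not part of the original answer; the function names, IDs, region and the sample DNS name are constructed placeholders, and it assumes the endpoint's DNS entries are returned in wildcard form (`*.vpce-...`).

```shell
#!/bin/sh
# Create the S3 interface endpoint with private DNS disabled
# (equivalent to deselecting "Enable DNS name" in the console).
# Usage: create_s3_interface_endpoint <vpc-id> <region> <subnet-id>...
create_s3_interface_endpoint() {
  vpc_id="$1"; region="$2"; shift 2
  aws ec2 create-vpc-endpoint \
    --region "$region" \
    --vpc-id "$vpc_id" \
    --vpc-endpoint-type Interface \
    --service-name "com.amazonaws.${region}.s3" \
    --subnet-ids "$@" \
    --no-private-dns-enabled \
    --query 'VpcEndpoint.VpcEndpointId' --output text
}

# List the Regional and Zonal DNS names created for the endpoint.
# Usage: endpoint_dns_names <vpce-id> <region>
endpoint_dns_names() {
  aws ec2 describe-vpc-endpoints --region "$2" --vpc-endpoint-ids "$1" \
    --query 'VpcEndpoints[0].DnsEntries[].DnsName' --output text | tr '\t' '\n'
}

# Turn a wildcard endpoint DNS name into a value for --endpoint-url.
# The "*" label is replaced by bucket, accesspoint or control.
# Rejects anything that is not an S3 interface endpoint name, so a typo
# cannot silently send traffic to the public S3 endpoint instead.
s3_endpoint_url() {
  dns_name="$1"; kind="${2:-bucket}"
  case "$dns_name" in
    \*.vpce-*.s3.*.vpce.amazonaws.com) ;;
    *) echo "not an S3 interface endpoint DNS name: $dns_name" >&2; return 1 ;;
  esac
  case "$kind" in
    bucket|accesspoint|control) ;;
    *) echo "unknown endpoint kind: $kind" >&2; return 1 ;;
  esac
  printf 'https://%s%s\n' "$kind" "${dns_name#\*}"
}

# Constructed sample name; a real one comes from endpoint_dns_names.
SAMPLE_DNS='*.vpce-0123456789abcdef0-abcd1234.s3.us-east-1.vpce.amazonaws.com'
echo "aws s3 ls s3://my-bucket/ --region us-east-1 --endpoint-url $(s3_endpoint_url "$SAMPLE_DNS")"
```

Only the last line runs when the script is executed as is; the two `aws ec2` functions need credentials and real VPC and subnet IDs.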