1
00:00:00,140 --> 00:00:02,290
So all the AWS services

2
00:00:02,290 --> 00:00:04,340
we've been using so far, are public.

3
00:00:04,340 --> 00:00:05,660
That means that when we connect to them,

4
00:00:05,660 --> 00:00:07,580
we are connecting to them publicly.

5
00:00:07,580 --> 00:00:09,560
But if we use a VPC endpoint,

6
00:00:09,560 --> 00:00:11,570
we can connect to these services,

7
00:00:11,570 --> 00:00:13,550
using a private AWS network

8
00:00:13,550 --> 00:00:16,450
instead of using the public internet network.

9
00:00:16,450 --> 00:00:17,283
Why?

10
00:00:17,283 --> 00:00:19,210
Well, this will give you a better security

11
00:00:19,210 --> 00:00:21,450
because you're not going over the public internet

12
00:00:21,450 --> 00:00:23,050
and also, less latency

13
00:00:23,050 --> 00:00:26,890
because you don't access the services through network hops.

14
00:00:26,890 --> 00:00:27,730
So let's take an example,

15
00:00:27,730 --> 00:00:29,860
we have a VPC, a private subnet

16
00:00:29,860 --> 00:00:32,250
and an EC2 instance in that private subnet

17
00:00:32,250 --> 00:00:36,066
and say, we want to connect to Amazon S3 or DynamoDB.

18
00:00:36,066 --> 00:00:39,470
For this we create a VPC endpoint, of type gateway.

19
00:00:39,470 --> 00:00:40,620
So you have to remember this.

20
00:00:40,620 --> 00:00:44,430
The gateway endpoint is for Amazon S3 and DynamoDB only.

21
00:00:44,430 --> 00:00:46,330
And using this EC2 instance,

22
00:00:46,330 --> 00:00:49,500
you can connect through the gateway, into Amazon S3

23
00:00:49,500 --> 00:00:52,370
and DynamoDB, but privately.

24
00:00:52,370 --> 00:00:54,290
The other type of endpoints you have,

25
00:00:54,290 --> 00:00:56,470
is a VPC endpoint interface

26
00:00:56,470 --> 00:00:59,410
which is to connect to any other services on AWS.

27
00:00:59,410 --> 00:01:00,580
For example, CloudWatch,

28
00:01:00,580 --> 00:01:02,970
if you wanted to push a custom metric

29
00:01:02,970 --> 00:01:06,040
from your EC2 instance into the CloudWatch service.

30
00:01:06,040 --> 00:01:09,040
So for this, we will have a VPC endpoint interface

31
00:01:09,040 --> 00:01:11,290
and then the EC2 instance will connect to it,

32
00:01:11,290 --> 00:01:13,230
to connect to CloudWatch.

33
00:01:13,230 --> 00:01:15,830
So on the left-hand side, I have to click on endpoints,

34
00:01:15,830 --> 00:01:17,030
not endpoint services.

35
00:01:17,030 --> 00:01:19,350
You have to click on the endpoints on the top

36
00:01:19,350 --> 00:01:21,670
to create an endpoint and see what I see.

37
00:01:21,670 --> 00:01:24,610
So we can create an endpoint for an AWS service,

38
00:01:24,610 --> 00:01:26,000
and you have to choose the service.

39
00:01:26,000 --> 00:01:28,560
For example, if I have any of these services,

40
00:01:28,560 --> 00:01:30,290
it's going to be of type interface.

41
00:01:30,290 --> 00:01:32,060
So it says interface everywhere.

42
00:01:32,060 --> 00:01:35,830
But if it's for DynamoDB, or if it is for Amazon S3,

43
00:01:35,830 --> 00:01:37,070
which is at the bottom,

44
00:01:37,070 --> 00:01:40,090
it's going to be and I need to go all the way to the bottom.

45
00:01:40,090 --> 00:01:42,140
To see this, so I need you to go to the next page

46
00:01:42,140 --> 00:01:44,100
and then find Amazon S3, here it is.

47
00:01:44,100 --> 00:01:46,060
It is going to be a gateway.

48
00:01:46,060 --> 00:01:47,990
So this is the only thing that you remember, okay?

49
00:01:47,990 --> 00:01:51,810
VPC endpoints are for accessing your services privately.

50
00:01:51,810 --> 00:01:55,050
For Amazon S3 and DynamoDB, it is a gateway.

51
00:01:55,050 --> 00:01:56,930
And for all the other services,

52
00:01:56,930 --> 00:01:58,670
it is going to be an interface.

53
00:01:58,670 --> 00:02:00,840
I won't go and I won't set it up for you right now,

54
00:02:00,840 --> 00:02:01,940
because this is more complicated

55
00:02:01,940 --> 00:02:03,260
and out of scope for the exam.

56
00:02:03,260 --> 00:02:04,093
You just need to remember

57
00:02:04,093 --> 00:02:06,630
about the concept of a VPC endpoint.

58
00:02:06,630 --> 00:02:07,463
Okay, so that's it

59
00:02:07,463 --> 00:02:08,296
I hope you liked it

60
00:02:08,296 --> 00:02:10,150
and I will see you in the next lecture.