Reputation: 930
I'm creating the VPC for a social networking app I'm working on and am somewhat confused when it comes to public and private data.
My question is: should I add public or private (or both) S3 endpoints to my subnets, and why? What information should be public, and what should be private? The app is a lot like Facebook, and users will be signing in to profiles and posting text and media posts, all with customizable privacy settings.
Upvotes: 3
Views: 3487
Reputation: 178956
S3 endpoints in VPC serve only one purpose: they manipulate your VPC route tables and modify the way your EC2 instances' internal traffic is routed to S3.
They have no direct impact on Internet access to S3, nor to the public/private classification of data, and are not needed in order to use S3. S3 works fundamentally the same with or without them. Unless you have some strict compliance requirements that constrain your deployment, or an unusual network topology, or you have an extreme amount of traffic between your EC2 instances and S3, they aren't something you probably need.
As a new user, your best move is probably not to set them up, since it's potentially one more detail you don't need to deal with. At some point, you may find a reason why you'd want to add them, but for now, I wouldn't.
Regarding public vs. private subnets in VPC (unrelated to S3 endpoints), see Why do we need private subnet in VPC? for an explanation.
Upvotes: 4
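To make the routing point in the answer above concrete, here is an added example (not part of the original answer and not AWS code) that models a subnet route table before and after a gateway-type S3 endpoint is associated with it. The prefix-list CIDRs, resource IDs and function names are constructed placeholders, and route selection is assumed to be longest-prefix match.

```python
import ipaddress

# Constructed sample values: the CIDRs stand in for the AWS-managed S3 prefix
# list of one region, and every resource ID is a placeholder.
S3_PREFIX_LIST = {"pl-EXAMPLE": ["198.51.100.0/24", "203.0.113.0/24"]}


def base_routes():
    """Route table of a subnet: the VPC-local route plus a default route to a NAT gateway."""
    return [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
        {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-EXAMPLE"},
    ]


def add_gateway_endpoint(routes, prefix_list_id, endpoint_id):
    """The only change the endpoint makes: one extra route keyed on the S3 prefix list."""
    return routes + [{"DestinationPrefixListId": prefix_list_id, "GatewayId": endpoint_id}]


def next_hop(routes, dest_ip, prefix_lists=S3_PREFIX_LIST):
    """Return the target of the most specific route matching dest_ip, or None if unroutable."""
    ip = ipaddress.ip_address(dest_ip)
    best_len, best_target = -1, None
    for route in routes:
        if "DestinationPrefixListId" in route:
            cidrs = prefix_lists.get(route["DestinationPrefixListId"], [])
        else:
            cidrs = [route["DestinationCidrBlock"]]
        target = route.get("GatewayId") or route.get("NatGatewayId")
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if ip in net and net.prefixlen > best_len:
                best_len, best_target = net.prefixlen, target
    return best_target


if __name__ == "__main__":
    s3_ip, other_ip = "198.51.100.25", "192.0.2.10"  # constructed addresses
    before = base_routes()
    after = add_gateway_endpoint(before, "pl-EXAMPLE", "vpce-EXAMPLE")
    for name, table in (("without endpoint", before), ("with endpoint", after)):
        print(f"{name}: S3 -> {next_hop(table, s3_ip)}, other -> {next_hop(table, other_ip)}")
```

Only the next hop for S3-bound traffic from inside the VPC changes; nothing in the route table says who on the Internet can read an object, which stays a matter of the bucket's own access settings.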