My web servers need to access S3. When I place them in the public subnets, or place them in the private subnets and use NAT gateways, everything works fine:
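using Amazon.S3;
using Amazon.S3.Model;

// enRegion is assumed to be a RegionEndpoint defined elsewhere
IAmazonS3 client = new AmazonS3Client("myaccesskey", "mysecretkey", enRegion);
PutObjectRequest putReq = new PutObjectRequest();
putReq.FilePath = @"c:\temp\myphoto.jpg"; // verbatim string, so the backslashes are not read as escape sequences
putReq.BucketName = "MyBucket";
putReq.Key = "myphoto.jpg";
PutObjectResponse putResp = client.PutObject(putReq);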
Now I tried to place the web servers in the private subnet with S3 endpoints, and my code can no longer access S3. Do I need to change the code?
Upvotes: 0
Views: 395
Reputation: 6099
Just an FYI: VPCs are truly private. Only traffic that you explicitly allow can transit the borders of the VPC.
So, inside a VPC, instances needing access to external resources either need to be assigned an EIP (in which case they can access external resources using AWS's infrastructure), or you need to provide a NAT host (in which case all of the traffic egresses the VPC via your own NAT).
As of May 11th, 2015, AWS has released a "VPC Endpoint" for S3, which allows access to S3 directly from a VPC without having to go through a proxy host or NAT instance.
You can create an endpoint, choose the desired VPC, and customize the access policy (if you want).
Please refer to the AWS blog post for details.
Hope this helps.
Upvotes: 0
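An added example, not part of the answer above: what customizing the endpoint access policy can look like, built as a policy document restricted to one bucket and compared with the unrestricted default. The bucket name and object key are taken from the question; `bucket_endpoint_policy` and `endpoint_allows` are hypothetical helper names, and the check is a simplified evaluation that ignores Principal and Condition elements.

```python
import fnmatch
import json

# Equivalent of the policy an endpoint gets when none is supplied:
# every S3 action on every bucket.
FULL_ACCESS = {"Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]}


def bucket_endpoint_policy(bucket):
    """Endpoint policy limited to object reads/writes and listing on one bucket."""
    arn = f"arn:aws:s3:::{bucket}"
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*",
         "Action": ["s3:GetObject", "s3:PutObject"], "Resource": f"{arn}/*"},
        {"Effect": "Allow", "Principal": "*",
         "Action": "s3:ListBucket", "Resource": arn},
    ]}


def _matches(patterns, value):
    """True if value matches any IAM-style wildcard pattern (* and ?)."""
    if isinstance(patterns, str):
        patterns = [patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def endpoint_allows(policy, action, resource):
    """Simplified check: an explicit Deny wins, otherwise an Allow must match.
    Principal and Condition elements are not evaluated."""
    allowed = False
    for stmt in policy["Statement"]:
        actions = stmt["Action"]
        actions = [actions] if isinstance(actions, str) else actions
        # Action names are case-insensitive; resource ARNs are not.
        if (_matches([a.lower() for a in actions], action.lower())
                and _matches(stmt["Resource"], resource)):
            if stmt["Effect"] == "Deny":
                return False
            allowed = True
    return allowed


if __name__ == "__main__":
    policy = bucket_endpoint_policy("MyBucket")  # bucket name from the question
    print(json.dumps(policy, indent=2))  # document for the endpoint's policy field
    print(endpoint_allows(policy, "s3:PutObject", "arn:aws:s3:::MyBucket/myphoto.jpg"))
```

With the restricted document, the upload from the question is still permitted through the endpoint, while requests to any other bucket or any other action are not.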