VPC endpoints let you connect to DynamoDB securely without using the internet. This keeps your data safe and private.
VPC endpoints for private access in DynamoDB
Introduction
When you want to access DynamoDB from your private cloud network without exposing traffic to the internet.
When you need to improve security by keeping data transfer inside your cloud environment.
When your applications run in a private subnet and cannot access the internet.
When you want to reduce data transfer costs by avoiding internet gateways.
When you want to control access to DynamoDB using your network policies.
Syntax
aws ec2 create-vpc-endpoint \
  --vpc-id vpc-123abc \
  --service-name com.amazonaws.<region>.dynamodb \
  --route-table-ids rtb-123abc rtb-456def
Replace vpc-123abc with your VPC ID.
Replace <region> with your AWS region, like us-east-1.
Examples
This command creates a VPC endpoint for DynamoDB in the us-east-1 region using two route tables.
aws ec2 create-vpc-endpoint \
  --vpc-id vpc-0a1b2c3d4e5f6g7h8 \
  --service-name com.amazonaws.us-east-1.dynamodb \
  --route-table-ids rtb-0a1b2c3d rtb-1a2b3c4d
This command shows details about a specific VPC endpoint by its ID.
aws ec2 describe-vpc-endpoints --vpc-endpoint-ids vpce-1234567890abcdef0
Sample Program
This example creates a VPC endpoint for DynamoDB in the us-west-2 region. It uses two route tables to allow private access.
aws ec2 create-vpc-endpoint \
  --vpc-id vpc-0abc123def456ghi7 \
  --service-name com.amazonaws.us-west-2.dynamodb \
  --route-table-ids rtb-0abc1234 rtb-0def5678
Important Notes
VPC endpoints for DynamoDB use the Gateway type, which adds route entries to your route tables.
Make sure your route tables are associated with the subnets where your resources reside.
After creating the endpoint, traffic to DynamoDB is automatically routed privately. No application changes are required.
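The route-table note above is the part that most often goes wrong: a subnet with no explicit association uses the VPC's main route table, which may not be one of the tables passed to --route-table-ids. The following check is an added example, not part of the original page; it reads JSON shaped like `aws ec2 describe-route-tables` output for a single VPC and lists the subnets whose effective route table has no active route to the endpoint. The function names and every ID in the sample data are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output for one VPC.
# All IDs are made up for illustration.
ROUTE_TABLES = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-0abc1234",
   "Associations": [{"Main": false, "SubnetId": "subnet-app-a"}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationPrefixListId": "pl-0constructed",
      "GatewayId": "vpce-1234567890abcdef0", "State": "active"}]},
  {"RouteTableId": "rtb-0main0000",
   "Associations": [{"Main": true}],
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0constructed",
      "State": "active"}]}
]}
""")["RouteTables"]

def has_endpoint_route(table, endpoint_id):
    """True if the table has an active prefix-list route targeting the endpoint."""
    return any(
        r.get("GatewayId") == endpoint_id
        and bool(r.get("DestinationPrefixListId"))
        and r.get("State") == "active"
        for r in table.get("Routes", [])
    )

def effective_route_table(route_tables, subnet_id):
    """Explicit association wins; otherwise the subnet uses the main table."""
    main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main

def subnets_bypassing_endpoint(route_tables, subnet_ids, endpoint_id):
    """Subnets whose DynamoDB traffic would not go through the gateway endpoint."""
    return sorted(
        s for s in subnet_ids
        if (t := effective_route_table(route_tables, s)) is None
        or not has_endpoint_route(t, endpoint_id)
    )
```

To run it against a real VPC, load the output of `aws ec2 describe-route-tables --filters Name=vpc-id,Values=<your VPC ID>` in place of the sample. In the sample, subnet-app-b is reported because it falls back to the main table, which only has a NAT default route.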
Summary
VPC endpoints let you connect to DynamoDB privately without internet access.
Use the AWS CLI to create and manage VPC endpoints with your VPC and route tables.
This improves security and can reduce costs by keeping traffic inside your cloud network.