VPCAddEndpoints
Description
Create a private connection between your VPC and AWS services. VPC endpoints for the following AWS services are included in this pattern by default:
Interface endpoints
- CloudWatch
- ECR DKR (Docker Registry API)
- ECR
- Systems Manager (SSM)
Gateway endpoints
- S3
- DynamoDB
VPC endpoints for services not listed above must be added manually in order to call those services' APIs from inside your VPC. For more information, see the AWS PrivateLink User Guide.
Resources
AWS::EC2::SecurityGroup
AWS::EC2::VPCEndpoint
- CloudWatch (Interface endpoint)
- ECR DKR (Interface endpoint)
- ECR (Interface endpoint)
- SSM (Interface endpoint)
- S3 (Gateway endpoint)
- DynamoDB (Gateway endpoint)
Input
VPC
Logical ID of the AWS::EC2::VPC resource in which you want to add endpoints.
privateSubnet1
Logical ID of the AWS::EC2::Subnet private subnet resource #1 to associate with interface endpoints.
privateSubnet2
Logical ID of the AWS::EC2::Subnet private subnet resource #2 to associate with interface endpoints.
privateRouteTable1
Logical ID of the AWS::EC2::RouteTable private route table resource #1 to associate with gateway endpoints.
privateRouteTable2
Logical ID of the AWS::EC2::RouteTable private route table resource #2 to associate with gateway endpoints.
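As an added example (not the template this pattern generates), the following CloudFormation YAML shows how the security group, one interface endpoint (SSM) and one gateway endpoint (S3) from the Resources list fit together with the logical IDs from the Input section. The 443-only ingress rule scoped to the VPC CIDR and the account-restricted S3 endpoint policy are hardening choices made for this illustration, not part of the pattern's description.

```yaml
# Added example, not the pattern's generated output. Assumes the template
# already declares VPC, privateSubnet1, privateSubnet2, privateRouteTable1
# and privateRouteTable2 with the logical IDs listed under Input.
Resources:
  EndpointSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTPS to interface endpoints from inside the VPC only
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: !GetAtt VPC.CidrBlock  # the VPC's own CIDR, never 0.0.0.0/0
  SsmEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcEndpointType: Interface
      ServiceName: !Sub "com.amazonaws.${AWS::Region}.ssm"
      VpcId: !Ref VPC
      SubnetIds:
        - !Ref privateSubnet1
        - !Ref privateSubnet2
      SecurityGroupIds:
        - !Ref EndpointSecurityGroup
      # Private DNS makes ssm.<region>.amazonaws.com resolve to the endpoint
      # ENIs, so existing SDK calls stay inside the VPC with no code change.
      PrivateDnsEnabled: true
  S3Endpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcEndpointType: Gateway
      ServiceName: !Sub "com.amazonaws.${AWS::Region}.s3"
      VpcId: !Ref VPC
      RouteTableIds:
        - !Ref privateRouteTable1
        - !Ref privateRouteTable2
      # Endpoint policy: only buckets owned by this account are reachable
      # through the endpoint, so it cannot be used to copy data to a bucket
      # in another account.
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: "*"
            Action: ["s3:GetObject", "s3:PutObject", "s3:ListBucket"]
            Resource: "*"
            Condition:
              StringEquals:
                aws:ResourceAccount: !Ref AWS::AccountId
```

The remaining interface endpoints in the list use the same shape with service names `ecr.api`, `ecr.dkr` and `logs` or `monitoring` (CloudWatch Logs or metrics), and DynamoDB is a second Gateway endpoint with service name `dynamodb`.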