AWS PrivateLink for Amazon S3#
This section demonstrates how to configure an S3 client to use an interface VPC endpoint.
Configuring the client endpoint URL#
When configuring an S3 client to use an interface VPC endpoint it’s important to note that only the resource type specified in the endpoint can be addressed using that client. Accessing both buckets and access points requires instantiating two clients, one for each resource type.
The following example configures an S3 client to access S3 buckets via an interface VPC endpoint. This client cannot be used to address S3 access points.
import boto3
s3_client = boto3.client(
service_name='s3',
endpoint_url='https://bucket.vpce-abc123-abcdefgh.s3.us-east-1.vpce.amazonaws.com'
)
The following example configures an S3 client to access S3 access points via an interface VPC endpoint. This client cannot be used to address S3 buckets.
import boto3
s3_client = boto3.client(
service_name='s3',
endpoint_url='https://accesspoint.vpce-abc123-abcdefgh.s3.us-east-1.vpce.amazonaws.com'
)
The following example configures an S3 Control client to use an interface VPC endpoint.
import boto3
control_client = boto3.client(
service_name='s3control',
endpoint_url='https://control.vpce-abc123-abcdefgh.s3.us-east-1.vpce.amazonaws.com'
)