Amazon VPC Peering and Endpoints
VPC Connectivity Deep Dive
Connect VPCs privately without internet gateways.
Connectivity Options
VPC Peering:
- Same/different accounts
- Same/different regions (Global)
- Non-transitive (A<->B, B<->C, A not<->C)
- DNS resolution supported

VPC Endpoints (Interface/Gateway):
Gateway Endpoints (free):
- S3, DynamoDB (private access)
Interface Endpoints ($0.01/hr):
- 120+ services (API Gateway, CloudWatch)

Transit Gateway:
- Hub-and-spoke (1000s VPCs)
- Shared VPC services
Security Best Practices
- VPC endpoint policies restrict access
- PrivateLink for SaaS partner access
- Transit Gateway policy tables
- Route table optimization
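
For the endpoint-policy point above, an added example (not from the original page): a small audit that flags endpoint policy statements that still allow any action or any resource, as the full-access policy attached when none is specified does. The function name, the sample policies and the bucket name `example-bucket` are constructed for illustration.

```python
import json

def _as_list(value):
    """IAM policy fields may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def audit_endpoint_policy(policy_json):
    """Return {statement id: [issues]} for Allow statements that have no
    Condition and whose Action or Resource is a bare wildcard."""
    policy = json.loads(policy_json)
    findings = {}
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        # Deny statements and condition-scoped Allows are out of scope here.
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        issues = []
        if "*" in _as_list(stmt.get("Action", [])):
            issues.append("any action")
        if "*" in _as_list(stmt.get("Resource", [])):
            issues.append("any resource")
        if issues:
            findings[stmt.get("Sid", f"statement[{i}]")] = issues
    return findings

# Constructed sample: same shape as the full-access policy an endpoint
# gets when no policy is specified at creation.
FULL_ACCESS = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]})

# Constructed sample: S3 gateway endpoint limited to one bucket
# (example-bucket is a placeholder name).
SCOPED = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "OneBucketOnly", "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-bucket/*"}]})

if __name__ == "__main__":
    for name, doc in (("full-access", FULL_ACCESS), ("scoped", SCOPED)):
        print(name, audit_endpoint_policy(doc) or "no unrestricted Allow statements")
```

The endpoint policy only limits what can be done through that endpoint; IAM and resource policies still apply on top of it.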