AWS VPC Gateway Endpoints - The Most Underrated Cost Savers
TechOps Examples
Hey — It's Govardhana MK 👋
Along with a use case deep dive, we identify the top news, tools, videos, and articles in the TechOps industry.
IN TODAY'S EDITION
🧠 Use Case
AWS VPC Gateway Endpoints - The Most Underrated Cost Savers
🚀 Top News
2024 Google’s DORA Accelerate State of DevOps report
📽️ Videos
Linux: The Origin Story
📚️ Resources
Git by example: Interactive guide
Infrastructure as Code Landscape Overview 2024
How to Create 3D System Architecture Diagrams with Nested Subscenes
🛠️ TOOL OF THE DAY
portainer-templates - A compiled list of 500+ ready to go Portainer App templates.
🧠 USE CASE
AWS VPC Gateway Endpoints - The Most Underrated Cost Savers
Cloud designs are purely subjective; one can achieve the same result with multiple design combinations.
True expertise lies in building simple, cost-effective, secure, and highly available systems.
A common oversight in cloud architectures is missing the opportunity to leverage the internal AWS network.
Many teams still use public internet access to connect their resources, which can lead to higher costs and potential security vulnerabilities.
One efficient way to optimize both cost and security is by implementing VPC Gateway Endpoints.
What is a VPC Gateway Endpoint?
A VPC Gateway Endpoint allows instances within a VPC to securely connect to supported AWS services (like S3 and DynamoDB) over a private network, bypassing the public internet.
In the design shown above, we have a clear comparison between accessing an S3 bucket without and with a VPC Gateway Endpoint:
1. Without VPC Gateway Endpoint:
   - The EC2 instance in a public subnet communicates with the S3 bucket over the internet, using the Internet Gateway.
   - Additionally, routing through the internet can expose your traffic to external risks.
   - This setup incurs higher data transfer costs.
2. With VPC Gateway Endpoint:
   - The EC2 instance in a private subnet uses a VPC Gateway Endpoint to communicate with the S3 bucket over the AWS private network. Unlike other VPC endpoints, a Gateway Endpoint does not use AWS PrivateLink.
   - It also enhances security by avoiding internet exposure and keeping traffic within AWS's private network.
   - This approach significantly reduces costs, cutting the data transfer bill by almost 96%*
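To find where a VPC still sends S3 or DynamoDB traffic the first way, you can audit its route tables: a Gateway Endpoint shows up as a route whose destination is an AWS prefix list and whose target is a `vpce-` ID. The script below is an added example, not code from the original post; it works on data shaped like `aws ec2 describe-route-tables` and `describe-prefix-lists` output, all IDs are constructed, and it also flags NAT gateway paths, which the post does not cover.

```python
SERVICES = ("s3", "dynamodb")  # the two services Gateway Endpoints support

def service_paths(rt, prefix_lists):
    """Map each service to the route target its traffic takes from this table.

    prefix_lists: {prefix-list id: name}; AWS names look like
    com.amazonaws.<region>.s3, so the last label is the service.
    """
    default, via_endpoint = None, {}
    for route in rt.get("Routes", []):
        if route.get("State", "active") != "active":
            continue  # blackholed routes carry no traffic
        gw = route.get("GatewayId", "")
        pl_name = prefix_lists.get(route.get("DestinationPrefixListId"), "")
        if gw.startswith("vpce-") and pl_name:
            via_endpoint[pl_name.rsplit(".", 1)[-1]] = gw
        elif route.get("DestinationCidrBlock") == "0.0.0.0/0":
            default = route.get("NatGatewayId") or gw or None
    return {svc: via_endpoint.get(svc, default) for svc in SERVICES}

def audit(route_tables, prefix_lists):
    """Return (route table, service, target) where traffic leaves via IGW or NAT."""
    findings = []
    for rt in route_tables:
        for svc, target in service_paths(rt, prefix_lists).items():
            if target and target.startswith(("igw-", "nat-")):
                findings.append((rt["RouteTableId"], svc, target))
    return findings

# Constructed sample data (every ID below is made up for illustration).
PREFIX_LISTS = {"pl-11111111": "com.amazonaws.us-east-1.s3",
                "pl-22222222": "com.amazonaws.us-east-1.dynamodb"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0aaa", "State": "active"}]},
    {"RouteTableId": "rtb-private", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationPrefixListId": "pl-11111111", "GatewayId": "vpce-0bbb", "State": "active"}]},
    {"RouteTableId": "rtb-nat", "Routes": [
        {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0ccc", "State": "active"},
        {"DestinationPrefixListId": "pl-22222222", "GatewayId": "vpce-0ddd", "State": "active"}]},
]

if __name__ == "__main__":
    for finding in audit(ROUTE_TABLES, PREFIX_LISTS):
        print(finding)
```

Each finding is a candidate for a Gateway Endpoint route; `rtb-nat` is reported for S3 only because its DynamoDB traffic already uses an endpoint.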
Types of VPC Endpoints
AWS provides two main types of VPC Endpoints:
- Gateway Endpoints: Connect to S3 and DynamoDB from within a VPC without needing an internet gateway.
  - Ideal for high-throughput, low-cost access to S3 or DynamoDB, especially for large data transfers.
  - There is no additional charge for using Gateway Endpoints.
- Interface Endpoints: Connect to other AWS services over a private network using an Elastic Network Interface (ENI).
  - Suitable for accessing various AWS services with granular security controls and direct service connectivity.
Knowing things is the starting point for doing things. I hope this use case was helpful in understanding VPC Gateway Endpoints.