(ec2): S3 interface VPC endpoint

[lysterious]

Use Case

To use S3 without a NAT GW, in an isolated subnet.

Proposed Solution

Adding missing definition in code

Other

👋 I may be able to implement this feature request

This is a 🚀 Feature Request

[jogold]

S3 is available as a gateway (not interface) vpc endpoint: ec2.GatewayVpcEndpointAwsService.S3

Example https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-ec2/test/integ.vpc-endpoint.lit.ts

See https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html

[lysterious]

Hello @jogold,
As of February 2021, I believe that S3 is available as an Interface VPC Endpoint as well: https://aws.amazon.com/blogs/aws/aws-privatelink-for-amazon-s3-now-available/

I have managed to launch it manually in the console and test it out, but couldn't find support for it in the CDK.

[jogold]

Hello @jogold,
As of February 2021, I believe that S3 is available as an Interface VPC Endpoint as well: aws.amazon.com/blogs/aws/aws-privatelink-for-amazon-s3-now-available

I have managed to launch it manually in the console and test it out, but couldn't find support for it in the CDK.

You're right, missed that.

[ThinkinGim]

Would you mind updating me on the status of this request? If there is no issue to add S3 into InterfaceVpcEndpointAwsService, it should be done as quick as possible because to access to S3 through Interface-Endpoint is common practice for security reason, I think.

[from20020516]

any progress here? looks like #16448 is fine but need pr-linter/exempt-test tag same as #16306.

[TheRealAmazonKendra]

This has now been completed.

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.