
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
Virtual Private Cloud (VPC) Endpoints are used for communication between different AWS services in a VPC. The communication stays within the VPC: it never leaves the VPC and never crosses the Internet, which is good from a privacy and security perspective. For example, a VPC Endpoint can be created for communication between EC2 and an API Gateway.
The aws ec2 describe-vpc-endpoints command can be used to list the VPC Endpoints you have created.
aws ec2 describe-vpc-endpoints
And here is an example of how to limit the output using the --query option.
aws ec2 describe-vpc-endpoints --query 'VpcEndpoints[?ServiceName==`com.amazonaws.us-east-1.sns`]'
Without the --query option, something like this should be returned.
{
    "VpcEndpoints": [
        {
            "VpcEndpointId": "vpce-04d97fbff2f4e862f",
            "VpcEndpointType": "Interface",
            "VpcId": "vpc-0a9d4cb29e2748444",
            "ServiceName": "com.amazonaws.us-east-1.execute-api",
            "State": "available",
            "PolicyDocument": "{\n \"Statement\": [\n {\n \"Action\": \"*\", \n \"Effect\": \"Allow\", \n \"Principal\": \"*\", \n \"Resource\": \"*\"\n }\n ]\n}",
            "RouteTableIds": [],
            "SubnetIds": [
                "subnet-0f015da3a1e164304",
                "subnet-0d2d8580c46d6d280"
            ],
            "Groups": [
                {
                    "GroupId": "sg-083870552fd33fe48",
                    "GroupName": "my-security-group"
                }
            ],
            "IpAddressType": "ipv4",
            "DnsOptions": {
                "DnsRecordIpType": "ipv4"
            },
            "PrivateDnsEnabled": true,
            "RequesterManaged": false,
            "NetworkInterfaceIds": [
                "eni-0098d642e37e30d56",
                "eni-08d3040baf7098795"
            ],
            "DnsEntries": [
                {
                    "DnsName": "vpce-04d97fbff2f4e862f-ixh4mx4z.execute-api.us-east-1.vpce.amazonaws.com",
                    "HostedZoneId": "Z7HUB22UULQXV"
                },
                {
                    "DnsName": "vpce-04d97fbff2f4e862f-ixh4mx4z-us-east-1b.execute-api.us-east-1.vpce.amazonaws.com",
                    "HostedZoneId": "Z7HUB22UULQXV"
                },
                {
                    "DnsName": "vpce-04d97fbff2f4e862f-ixh4mx4z-us-east-1a.execute-api.us-east-1.vpce.amazonaws.com",
                    "HostedZoneId": "Z7HUB22UULQXV"
                },
                {
                    "DnsName": "execute-api.us-east-1.amazonaws.com",
                    "HostedZoneId": "Z003023633IKP4QCN263F"
                },
                {
                    "DnsName": "*.execute-api.us-east-1.amazonaws.com",
                    "HostedZoneId": "Z003023633IKP4QCN263F"
                }
            ],
            "CreationTimestamp": "2024-04-29T05:21:17.539000+00:00",
            "Tags": [
                {
                    "Key": "Name",
                    "Value": "my-endpoint"
                }
            ],
            "OwnerId": "123456789012"
        }
    ]
}
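The PolicyDocument in the output above allows every principal, action and resource. The following is an added example (not code from the original article) that decodes that field, which the CLI returns as a JSON string, and lists the endpoints that carry such an unrestricted statement. The function names and the second sample endpoint are constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of `aws ec2 describe-vpc-endpoints` output.
# The first entry reuses the ID and policy shown above; the second is invented.
SAMPLE = {"VpcEndpoints": [
    {"VpcEndpointId": "vpce-04d97fbff2f4e862f",
     "ServiceName": "com.amazonaws.us-east-1.execute-api",
     "PolicyDocument": json.dumps({"Statement": [
         {"Action": "*", "Effect": "Allow", "Principal": "*", "Resource": "*"}]})},
    {"VpcEndpointId": "vpce-EXAMPLE-scoped",
     "ServiceName": "com.amazonaws.us-east-1.sns",
     "PolicyDocument": json.dumps({"Statement": [
         {"Action": ["sns:Publish"], "Effect": "Allow",
          "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
          "Resource": "arn:aws:sns:us-east-1:123456789012:example-topic"}]})},
]}

def _values(field):
    """Flatten a policy field (string, list, or {"AWS": ...} map) to a list."""
    if isinstance(field, dict):
        return [v for item in field.values() for v in _values(item)]
    return list(field) if isinstance(field, list) else [field]

def is_unrestricted(statement):
    """True for an unconditional Allow with wildcard principal, action, resource."""
    return (statement.get("Effect") == "Allow"
            and "Condition" not in statement
            and all("*" in _values(statement.get(key))
                    for key in ("Principal", "Action", "Resource")))

def unrestricted_endpoints(describe_output):
    """Return the IDs of endpoints whose policy has an unrestricted statement."""
    flagged = []
    for endpoint in describe_output.get("VpcEndpoints", []):
        # PolicyDocument is a JSON document encoded as a string, so decode it.
        # Endpoints that return no policy are treated as having no statements.
        policy = json.loads(endpoint.get("PolicyDocument") or "{}")
        statements = policy.get("Statement", [])
        if isinstance(statements, dict):  # a single statement may not be a list
            statements = [statements]
        if any(is_unrestricted(s) for s in statements):
            flagged.append(endpoint["VpcEndpointId"])
    return flagged

if __name__ == "__main__":
    # Pipe real output in, or run with no input to use the constructed sample.
    data = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    print("\n".join(unrestricted_endpoints(data)))
```

To check real endpoints, pipe the output of aws ec2 describe-vpc-endpoints into the script.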