Amazon Web Services (AWS) - List Virtual Private Cloud (VPC) Endpoints using the AWS CLI


This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

Virtual Private Cloud (VPC) Endpoints let resources in a VPC communicate privately with supported AWS services. The traffic stays on the AWS network and never goes onto the public Internet, which is good from a privacy and security perspective. For example, a VPC Endpoint can be created for communication between EC2 and an API Gateway.

The aws ec2 describe-vpc-endpoints command can be used to list the VPC Endpoints you have created.

aws ec2 describe-vpc-endpoints

 

And here is an example of how to limit the output using the --query option.

aws ec2 describe-vpc-endpoints --query 'VpcEndpoints[?ServiceName==`com.amazonaws.us-east-1.sns`]'

 

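The first command, without the --query option, should return something like this. With --query, only the matching endpoint objects are returned, as a JSON list without the "VpcEndpoints" wrapper.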

{
    "VpcEndpoints": [
        {
            "VpcEndpointId": "vpce-04d97fbff2f4e862f",
            "VpcEndpointType": "Interface",
            "VpcId": "vpc-0a9d4cb29e2748444",
            "ServiceName": "com.amazonaws.us-east-1.execute-api",
            "State": "available",
            "PolicyDocument": "{\n  \"Statement\": [\n    {\n      \"Action\": \"*\", \n      \"Effect\": \"Allow\", \n      \"Principal\": \"*\", \n      \"Resource\": \"*\"\n    }\n  ]\n}",
            "RouteTableIds": [],
            "SubnetIds": [
                "subnet-0f015da3a1e164304",
                "subnet-0d2d8580c46d6d280"
            ],
            "Groups": [
                {
                    "GroupId": "sg-083870552fd33fe48",
                    "GroupName": "my-security-group"
                }
            ],
            "IpAddressType": "ipv4",
            "DnsOptions": {
                "DnsRecordIpType": "ipv4"
            },
            "PrivateDnsEnabled": true,
            "RequesterManaged": false,
            "NetworkInterfaceIds": [
                "eni-0098d642e37e30d56",
                "eni-08d3040baf7098795"
            ],
            "DnsEntries": [
                {
                    "DnsName": "vpce-04d97fbff2f4e862f-ixh4mx4z.execute-api.us-east-1.vpce.amazonaws.com",
                    "HostedZoneId": "Z7HUB22UULQXV"
                },
                {
                    "DnsName": "vpce-04d97fbff2f4e862f-ixh4mx4z-us-east-1b.execute-api.us-east-1.vpce.amazonaws.com",
                    "HostedZoneId": "Z7HUB22UULQXV"
                },
                {
                    "DnsName": "vpce-04d97fbff2f4e862f-ixh4mx4z-us-east-1a.execute-api.us-east-1.vpce.amazonaws.com",
                    "HostedZoneId": "Z7HUB22UULQXV"
                },
                {
                    "DnsName": "execute-api.us-east-1.amazonaws.com",
                    "HostedZoneId": "Z003023633IKP4QCN263F"
                },
                {
                    "DnsName": "*.execute-api.us-east-1.amazonaws.com",
                    "HostedZoneId": "Z003023633IKP4QCN263F"
                }
            ],
            "CreationTimestamp": "2024-04-29T05:21:17.539000+00:00",
            "Tags": [
                {
                    "Key": "Name",
                    "Value": "my-endpoint"
                }
            ],
            "OwnerId": "123456789012"
        }
    ]
}
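
The PolicyDocument in the output above is a JSON string nested inside the JSON response, and the one shown allows every action on every resource for any principal. As an added example (not part of the original article), this Python script reads describe-vpc-endpoints output on stdin and lists endpoints with such an unrestricted policy; the endpoint IDs and organization ID in the sample are constructed.

```python
import json
import sys

# Constructed sample shaped like the describe-vpc-endpoints output above
# (IDs are made up); the second endpoint has a scoped policy.
SAMPLE = json.dumps({"VpcEndpoints": [
    {"VpcEndpointId": "vpce-0aaaaaaaaaaaaaaaa",
     "ServiceName": "com.amazonaws.us-east-1.execute-api",
     "PolicyDocument": json.dumps({"Statement": [
         {"Action": "*", "Effect": "Allow", "Principal": "*", "Resource": "*"}]})},
    {"VpcEndpointId": "vpce-0bbbbbbbbbbbbbbbb",
     "ServiceName": "com.amazonaws.us-east-1.sns",
     "PolicyDocument": json.dumps({"Statement": {
         "Action": ["sns:Publish"], "Effect": "Allow",
         "Principal": {"AWS": "*"}, "Resource": "*",
         "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}}})},
]})


def _is_wildcard(value):
    """True for "*", ["*"] or a principal map such as {"AWS": "*"}."""
    if isinstance(value, dict):
        return any(_is_wildcard(v) for v in value.values())
    if isinstance(value, list):
        return "*" in value
    return value == "*"


def unrestricted_endpoints(cli_output):
    """Return (endpoint id, service) pairs whose policy has an Allow statement
    with wildcard Principal, Action and Resource and no Condition."""
    findings = []
    for ep in json.loads(cli_output).get("VpcEndpoints", []):
        # PolicyDocument is itself a JSON string, so it needs a second parse.
        statements = json.loads(ep.get("PolicyDocument") or "{}").get("Statement", [])
        if isinstance(statements, dict):  # a single statement may be a bare object
            statements = [statements]
        for st in statements:
            if (st.get("Effect") == "Allow" and not st.get("Condition")
                    and all(_is_wildcard(st.get(k)) for k in ("Principal", "Action", "Resource"))):
                findings.append((ep["VpcEndpointId"], ep["ServiceName"]))
                break
    return findings


if __name__ == "__main__":
    # Usage: aws ec2 describe-vpc-endpoints | python3 this_script.py
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for endpoint_id, service in unrestricted_endpoints(data):
        print(f"{endpoint_id}\t{service}\tallows * on * for any principal")
```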

 



