Hey everyone! I need some help with accessing and writing to an S3 bucket located in the us-west-2 region, regardless of where my service is deployed. My service requires access to local buckets in its own region as well as to that specific bucket in us-west-2. The challenge is that our VPC doesn't have internet access, and using VPC peering isn't an option for us. Are there any other solutions available? Also, is it possible to create two separate VPC endpoints for S3, one for each region?
6 Answers
You can definitely use an S3 VPC Endpoint. But just to clarify, does that work cross-region? Can you create two S3 VPC endpoints, one for your service’s region and another for us-west-2?
Just make sure to configure them properly to avoid any routing issues.
I think AWS PrivateLink might be your best option here for accessing resources in different regions!
If you’re looking at more complicated setups, a transit gateway can help you peer VPCs across regions. You would need to set up interface S3 endpoints to manage this without needing internet access. Just be wary of data transfer costs, as they can stack up.
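As an added example (not code from any of the posters), assuming the service runs in eu-west-1 behind a gateway endpoint and reaches the us-west-2 bucket through an interface endpoint whose DNS name is a placeholder: one helper picks the private path for each bucket (signing region and endpoint URL) and fails instead of falling back to the internet, and a second builds a least-privilege endpoint policy limited to the named buckets.

```python
import json

# Constructed example: the service lives in eu-west-1 (gateway endpoint) and
# has an interface endpoint for us-west-2. The endpoint DNS name is a
# placeholder, not a real endpoint ID.
VPC_ENDPOINTS = {
    "eu-west-1": {"type": "gateway", "endpoint_url": None},
    "us-west-2": {
        "type": "interface",
        "endpoint_url": "https://bucket.vpce-0123456789abcdef0-EXAMPLE"
                        ".s3.us-west-2.vpce.amazonaws.com",
    },
}

# Constructed bucket-to-region map (bucket names are made up).
BUCKET_REGIONS = {"svc-local-data": "eu-west-1", "shared-reports": "us-west-2"}


def client_config(bucket, endpoints=VPC_ENDPOINTS, bucket_regions=BUCKET_REGIONS):
    """Return kwargs for boto3.client("s3", ...) that keep traffic private.

    region_name must be the bucket's own region: SigV4 signatures are scoped
    to a region, so a client signed for eu-west-1 is rejected by a bucket in
    us-west-2 even when the network path works.
    """
    region = bucket_regions[bucket]
    ep = endpoints.get(region)
    if ep is None:
        # No endpoint covers this region and the VPC has no internet route,
        # so fail loudly now rather than hang on a connect timeout later.
        raise RuntimeError(f"no private path to bucket {bucket!r} in {region}")
    cfg = {"region_name": region}
    if ep["type"] == "interface":
        # Interface endpoints are not reached via the regional S3 hostname
        # unless private DNS is enabled, so pin the endpoint URL explicitly.
        cfg["endpoint_url"] = ep["endpoint_url"]
    return cfg


def endpoint_policy(buckets):
    """Least-privilege VPC endpoint policy: only the listed buckets and only
    the object/listing actions the service needs, nothing account-wide."""
    resources = []
    for b in buckets:
        resources += [f"arn:aws:s3:::{b}", f"arn:aws:s3:::{b}/*"]
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": "*",
        "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
        "Resource": resources}]}


if __name__ == "__main__":
    print(client_config("shared-reports"))
    print(json.dumps(endpoint_policy(["svc-local-data", "shared-reports"]), indent=2))
```

The returned dict is meant to be unpacked into `boto3.client("s3", **cfg)`; the policy goes on the endpoint itself and is separate from the bucket policy and the service role.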
Using a VPC endpoint is a solid choice! It keeps your traffic private without routing through the internet.
Have you considered using S3 Multi-Region Access Points? That might suit your needs! Check it out here: [Multi-Region Access Points](https://aws.amazon.com/s3/features/multi-region-access-points/)
You might be overcomplicating things! A straightforward solution is to replicate the S3 bucket to your local region and read from that copy. Storage costs are low, and it can save you from potential outages that could affect your global service.
Good point about storage being cheap, but the transfer costs might add up depending on how often the data changes.
But we actually need to write to that bucket, and another service reads from it. Doesn't that complicate things? Replication alone wouldn't solve our problem, right?
Yes, you can create multiple endpoints for different regions!