I'm trying to share a VPC service endpoint that uses gateway load balancers throughout my entire organization. However, I've run into issues because it seems like the resource policy only allows me to set specific principals. Has anyone figured out how to do this? I've searched for documentation but can't seem to find what I need.
2 Answers
You might want to look into VPC Lattice. It allows you to share services within a service network using Resource Access Manager (RAM). You can select Organizational Unit IDs or account IDs as principals, and your service policies also need to permit invocation by consumers. Just remember, Lattice is typically for same-region setups, but it can work across regions with some additional configuration and you'll need to be wary of cross-region latencies.
Is this guide what you’re looking for? It goes over centralized access to VPC private endpoints and might have the info you need: https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/centralized-access-to-vpc-private-endpoints.html
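Added example for the VPC Lattice approach described in the first answer (this is not code from the thread or from AWS documentation): a small POSIX shell script that generates the service-network auth policy scoped to the organization with an `aws:PrincipalOrgID` condition, checks the policy is actually org-scoped before it is applied, and wraps the RAM share and Lattice CLI calls. The organization ID, management account ID and service-network ARN are constructed placeholders, and the `aws ram` / `aws vpc-lattice` subcommands and flags are assumed to exist as named; the AWS calls only run when the script is invoked with `--apply`.

```shell
#!/bin/sh
# Added example, not from the original thread. All identifiers are placeholders.
ORG_ID="${ORG_ID:-o-EXAMPLE0000}"                                   # constructed org id
MGMT_ACCOUNT="${MGMT_ACCOUNT:-111122223333}"                         # constructed account id
SERVICE_NETWORK_ARN="${SERVICE_NETWORK_ARN:-arn:aws:vpc-lattice:us-east-1:111122223333:servicenetwork/sn-EXAMPLE}"

# Emit a Lattice auth policy that allows Invoke only for principals
# that belong to the given organization. "Principal": "*" alone would be
# open to any AWS account; the Condition is what restricts it to the org.
build_auth_policy() {
  org_id="$1"
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "vpc-lattice-svcs:Invoke",
      "Resource": "*",
      "Condition": {
        "StringEquals": { "aws:PrincipalOrgID": "${org_id}" }
      }
    }
  ]
}
EOF
}

# Guard: refuse to apply a policy that does not carry the org condition
# for the expected org id. Usage: policy_is_org_scoped "$policy" "$org_id"
policy_is_org_scoped() {
  printf '%s\n' "$1" | grep -qF -- "\"aws:PrincipalOrgID\": \"$2\""
}

# Share the service network with the whole organization via RAM (assumed
# CLI surface) and attach the org-scoped auth policy to it.
share_service_network() {
  policy="$(build_auth_policy "$ORG_ID")"
  policy_is_org_scoped "$policy" "$ORG_ID" || {
    echo "auth policy is not scoped to $ORG_ID, refusing to apply" >&2
    return 1
  }
  policy_file="$(mktemp)"
  printf '%s\n' "$policy" > "$policy_file"

  # One-time: let RAM resolve organization / OU principals.
  aws ram enable-sharing-with-aws-organization
  # Share with the organization itself rather than with a list of accounts.
  aws ram create-resource-share \
    --name lattice-org-share \
    --resource-arns "$SERVICE_NETWORK_ARN" \
    --principals "arn:aws:organizations::${MGMT_ACCOUNT}:organization/${ORG_ID}" \
    --no-allow-external-principals
  # Turn on IAM auth for the service network, then attach the policy.
  aws vpc-lattice update-service-network \
    --service-network-identifier "$SERVICE_NETWORK_ARN" \
    --auth-type AWS_IAM
  aws vpc-lattice put-auth-policy \
    --resource-identifier "$SERVICE_NETWORK_ARN" \
    --policy "file://$policy_file"
  rm -f "$policy_file"
}

if [ "${1:-}" = "--apply" ]; then
  share_service_network
fi
```

Run it as `ORG_ID=o-yourorg MGMT_ACCOUNT=123456789012 SERVICE_NETWORK_ARN=... sh share.sh --apply` from the account that owns the service network; consumers in member accounts still need their VPCs associated with the shared service network, and each Lattice service's own auth policy must also allow invocation, as the answer notes.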