1 SSH into private EC2 instance (through public EC2 instance)
2 Assign the IAM role of full s3 access to the EC2 instance
3 Run aws s3 ls to list all the s3 buckets
4 Cut off internet access in route table
5 Make sure aws s3 ls does not work
6 Create a VPC endpoint
    Service category = AWS service
    Service = com.amazonaws.ap-southeast-2.s3
    VPC = my-vpc
    Route Table = private route table
7 aws s3 ls still doesn't work
8 Need to append region, so aws s3 ls --region ap-southeast-2
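
Steps 4 and 6 can be checked from the route table itself rather than only by watching aws s3 ls fail or succeed. The Python below is an added example, not part of the original notes: it reads JSON shaped like the output of aws ec2 describe-route-tables and reports whether a table still has a default route and whether it carries a gateway endpoint route. The sample JSON and every ID in it are constructed placeholders.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# All IDs are placeholders, not values from the original notes.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-private-before",
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}]},
  {"RouteTableId": "rtb-private-after",
   "Routes": [
     {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
     {"DestinationPrefixListId": "pl-0example", "GatewayId": "vpce-0example", "State": "active"}]}
]}
""")

DEFAULT_ROUTES = ("0.0.0.0/0", "::/0")


def audit_route_table(rt):
    """Split a table's active routes into default (internet) routes and gateway endpoint routes."""
    internet, endpoint = [], []
    for route in rt.get("Routes", []):
        if route.get("State") != "active":
            continue  # blackhole routes carry no traffic
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in DEFAULT_ROUTES:
            # Any default route is flagged, whatever its target (IGW, NAT, instance).
            internet.append(dest)
        elif route.get("DestinationPrefixListId") and route.get("GatewayId", "").startswith("vpce-"):
            # Gateway endpoint route (S3 or DynamoDB); confirm the service
            # name separately with `aws ec2 describe-vpc-endpoints`.
            endpoint.append((route["DestinationPrefixListId"], route["GatewayId"]))
    return internet, endpoint


def private_with_endpoint(rt):
    """True when the table has no default route but does have a gateway endpoint route."""
    internet, endpoint = audit_route_table(rt)
    return not internet and bool(endpoint)


if __name__ == "__main__":
    for rt in SAMPLE["RouteTables"]:
        internet, endpoint = audit_route_table(rt)
        print(rt["RouteTableId"], "default routes:", internet,
              "endpoint routes:", endpoint, "ok:", private_with_endpoint(rt))
```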