VPC Endpoint Service Overview

A VPC endpoint service is a cloud service or a private service that can be accessed through a VPC endpoint.

There are two types of VPC endpoint services: gateway and interface.

  • Gateway VPC endpoint services are created only for cloud services.

  • Interface VPC endpoint services can be created for both cloud services and your private services. All VPC endpoint services for cloud services are created by default while those for private services need to be created by users themselves.

Note

Supported cloud services vary in different regions. For details, see the list of services that can be configured on the management console.

This section describes how to configure a VPC endpoint service (interface type) from your private service and how to manage it.

Table 1 Management of VPC endpoint services

Operation

Description

Constraint

Creating a VPC Endpoint Service

Describes how to configure a private service as a VPC endpoint service.

  • VPC endpoint services are region-level resources. Select a region and project when you create such a service.

  • Each tenant can create a maximum of 20 VPC endpoint services.

  • The following private services can be configured into VPC endpoint services:

    • Elastic load balancer: Backend resources of this type suit services that receive high access traffic and demand high reliability and disaster recovery (DR) performance.

    • ECS: Backend resources of this type serve as servers.

  • One VPC endpoint service corresponds to only one backend resource.

Viewing Summary of a VPC Endpoint Service

Describes how to query details of a VPC endpoint service.

None

Deleting a VPC Endpoint Service

Describes how to delete a VPC endpoint service.

  • Deleted VPC endpoint services cannot be recovered. Exercise caution when performing this operation.

  • Only VPC endpoint services configured from users' private services can be deleted.

  • VPC endpoint services in the Accepted or Creating state cannot be deleted.

Managing Connections of a VPC Endpoint Service

Describes how to set connection approval of a VPC endpoint service to determine whether to allow a VPC endpoint to connect to the VPC endpoint service.

You can specify whether to allow a VPC endpoint to connect to a VPC endpoint service only when connection approval is enabled during VPC endpoint service creation.

Managing Whitelist Records of a VPC Endpoint Service

Describes how to manage whitelist records of a VPC endpoint service to control across-account access between a VPC endpoint and a VPC endpoint service.

  • The VPC endpoint must be in the same region as the VPC endpoint service.

  • Before you configure the whitelist for a VPC endpoint service, obtain the domain ID of the associated VPC endpoint.

Viewing Port Mappings of a VPC Endpoint Service

Describes how to view the port mapping between a VPC endpoint and a VPC endpoint service, including the supported protocol, service port, and terminal port.

  • Configuring a port mapping is required when you create a VPC endpoint service.

  • After a VPC endpoint service is created, you can view its port mappings but cannot modify them.

Managing Tags of a VPC Endpoint Service

Describes how to manage VPC endpoint service tags, including viewing, adding, editing, and deleting tags.

A maximum of 10 tags can be added to each VPC endpoint service.