This is regarding the interface endpoints to enable private communication between worker instances on AWS and various AWS services.
Reference: https://helpcenter.veeam.com/docs/vbaws ... operations
To reduce the number of endpoints to be deployed, would it be possible to configure following configuration:
-Only the S3 interface endpoint is deployed
-Worker instance to publicly communicate with services (i.e. SQS, EBS, etc) via a NAT Gateway
Please also let me know if there are any considerations or precautions for such a setup.
-
NaoTakahashi
- Lurker
- Posts: 1
- Liked: never
- Joined: Apr 01, 2026 5:30 am
- Full Name: Naoyuki Takahashi
- Contact:
-
nielsengelen
- Product Manager
- Posts: 6339
- Liked: 1328 times
- Joined: Jul 15, 2013 11:09 am
- Full Name: Niels Engelen
- Contact:
Re: Question regarding Endpoint configuration with NAT Gateway
Hi,
It is possible to configure this.
Worker appliances will not have public IPs, but the traffic will flow to the public AWS endpoints.
If you want to use private subnets without enabling Private Network Deployment mode, it will be enough to configure VPC subnets with NAT gateway. An S3 interface endpoint is not required.
If you do use Private Network Deployment mode, an S3 interface endpoint will be needed.
It is possible to configure this.
Worker appliances will not have public IPs, but the traffic will flow to the public AWS endpoints.
If you want to use private subnets without enabling Private Network Deployment mode, it will be enough to configure VPC subnets with NAT gateway. An S3 interface endpoint is not required.
If you do use Private Network Deployment mode, an S3 interface endpoint will be needed.
GitHub: https://github.com/nielsengelen
Who is online
Users browsing this forum: No registered users and 1 guest