We can create a VPC endpoint gateway for S3 as follows:
- Go to VPC service in the console.
- Click on Endpoints from the left sidebar.
- Click on Create Endpoint.
- For Service Category, select AWS Service.
- For Service Name, select com.amazonaws.us-east-1.s3:
- For VPC, select our custom VPC.
- For Route table, select our main route table.
- Leave the Policy as Full Access.
- Click on Create endpoint. We should get a success message.
- Try running the following S3 command from the private subnet:
aws s3 ls --region us-east-1
This should list the S3 items successfully.
To SSH into the public EC2 instance and then SSH into the private EC2 instance, you can refer to the Launching an EC2 instance into a VPC recipe in Chapter 6, Working with EC2 Instances.