• Amazon VPC Endpoint for Amazon S3
Why is this a big feature?
In the past, in hybrid cloud environments, you designed your private cloud to be secure, with no access to the Internet.
However, S3 was then only accessible via the Internet. No Internet, No S3.
This forced architects to compromise on their network design in order to have S3 as part of their solution. It forced them to break security design rules by adding a NAT, or some form of Internet Gateway, in order to incorporate S3 as part of the stack.
Lots of groans and pains were heard throughout the land, as architects strove to explain to their clients why they needed to incorporate Internet access, why they needed to breach security protocols, etc. Some architects were burned at the stake, while other architects gave up their technical careers and became monks brewing beer in Nordic countries. Some sought to find refuge in never-never land, but even there, the rules of physics still apply – No Internet, No S3. There was fear in every architect’s eyes each time S3 was shown in any diagram, and most private-cloud-with-S3 designs were whispered in the back alleys and taverns.
With the announcement below, AWS has finally awoken from its dreamland sleep. The years of anguish and teeth gnashing are now gone. There is now peace and equilibrium in the ether-space. Dogs stop barking late at night and the cheese will no longer curdle before the next full moon. Architects who formed the rebel alliance and joined the Azure underground are now resurfacing to rejoin the land of the living.