VPCEP establishes a secure and private channel between a VPC endpoint (cloud resources in a VPC) and a VPC endpoint service in the same region.
You can use VPCEP in different scenarios.
After you connect an IDC to a VPC using VPN or Direct Connect, you can use a VPC endpoint to connect the VPC to a cloud service or one of your private services, so that the IDC can access the cloud service or private service.
Figure 1 shows the process of connecting an IDC to VPC 1 over VPN or Direct Connect, for the purpose of:
For cloud migration, VPCEP has the following advantages:
The IDC is directly connected to the VPC endpoint service over a private network, reducing access latency and improving efficiency.
With VPCEP, your IDC can access cloud resources over a private network, reducing your costs for public resources.
For details, see Configuring a VPC Endpoint for Accessing OBS Using the OBS Private Address.
With VPCEP, resources in two different VPCs can communicate with each other despite the logical isolation between them, as long as the two VPCs are in the same region.
VPC endpoints and VPC peering connections differ in security, communication methods, route configurations, and more.
For details, see What Are the Differences Between VPC Endpoints and VPC Peering Connections?.
An ECS in VPC 1 uses a VPC endpoint to access a load balancer in VPC 2 over a private network. Figure 2 shows the connection process.
VPCEP has the following advantages:
For details, see the following sections: