VPC Endpoint Service Overview

A VPC endpoint service is a cloud service or a private service that can be accessed through a VPC endpoint.

There are two types of VPC endpoint services: gateway and interface.

Supported cloud services vary by region. For details, see the services that can be configured on the management console.

This section describes how to configure your private service as a VPC endpoint service (interface type) and how to manage it.

Table 1 Management of VPC endpoint services

Columns: Operation, Description, Constraint

Operation: Creating a VPC Endpoint Service
  Description: Describes how to configure a private service as a VPC endpoint service.
  Constraint:
    • VPC endpoint services are region-level resources. Select a region and project when you create such a service.
    • Each tenant can create a maximum of 20 VPC endpoint services.
    • The following private services can be configured as VPC endpoint services:
      • Elastic load balancer: Backend resources of this type suit services that receive high access traffic and demand high reliability and disaster recovery (DR) performance.
      • ECS: Backend resources of this type serve as servers.
      • BMS: Backend resources of this type serve as servers. The BMS type will be discontinued. Elastic load balancer is recommended instead.
      • VIP: Backend resources of this type serve as virtual IP addresses. The VIP type will be discontinued. The ELB type is recommended instead.
    • One VPC endpoint service can have only one backend resource.

Operation: Viewing a VPC Endpoint Service
  Description: Describes how to query details of a VPC endpoint service.
  Constraint: None

Operation: Deleting a VPC Endpoint Service
  Description: Describes how to delete a VPC endpoint service.
  Constraint:
    • Deleted VPC endpoint services cannot be recovered. Exercise caution when performing this operation.
    • Only VPC endpoint services configured from users' private services can be deleted.
    • VPC endpoint services in the Accepted or Creating state cannot be deleted.

Operation: Managing Connections of a VPC Endpoint Service
  Description: Describes how to set connection approval of a VPC endpoint service to determine whether to allow a VPC endpoint to connect to the VPC endpoint service.
  Constraint: You can specify whether to allow a VPC endpoint to connect to a VPC endpoint service only if connection approval was enabled when the VPC endpoint service was created.

Operation: Managing Whitelist Records of a VPC Endpoint Service
  Description: Describes how to manage whitelist records of a VPC endpoint service to control cross-account access between a VPC endpoint and a VPC endpoint service.
  Constraint:
    • The VPC endpoint and the VPC endpoint service must be deployed in the same region.
    • Before you configure the whitelist for a VPC endpoint service, obtain the account ID of the associated VPC endpoint.

Operation: Viewing Port Mappings of a VPC Endpoint Service
  Description: Describes how to view the port mapping between a VPC endpoint and a VPC endpoint service, including the supported protocol, service port, and terminal port.
  Constraint:
    • A port mapping must be configured when you create a VPC endpoint service.
    • After a VPC endpoint service is created, you can view its port mappings but cannot modify them.

Operation: Managing Tags of a VPC Endpoint Service
  Description: Describes how to query, add, edit, and delete tags of a VPC endpoint service.
  Constraint: You can add up to 20 tags to each VPC endpoint service.