AWS PrivateLink allows access to AWS Services in a highly available way while keeping all the network traffic within the AWS network.
- You create VPC interface endpoints for AWS services that are powered by PrivateLink. The service endpoints will appear as Elastic Network Interfaces (ENIs) with private IPs in your VPCs. Once these endpoints are created, any traffic destined to these IPs will get privately routed to the corresponding AWS services.
- You need to establish a Network Load Balancer (NLB) to front your AWS service and create a PrivateLink service to register with the NLB.
- On-premise applications can connect to the service endpoints in Amazon VPC over AWS Direct Connect. The service endpoints will automatically direct the traffic to AWS services powered by AWS PrivateLink.
- EC2, ELB, Kinesis Streams, SNS, AWS DataSync, Service Catalog, EC2 Systems Manager