Nathan Peck
Senior Developer Advocate for Generative AI at Amazon Web Services
Jan 29, 2019 1 min read

Setting up AWS PrivateLink for Amazon ECS, and Amazon ECR

Amazon ECS and Amazon ECR now have support for AWS PrivateLink. AWS PrivateLink is a networking technology designed to enable access to AWS services in a highly available and scalable manner. It keeps all the network traffic within the AWS network. When you create AWS PrivateLink endpoints for ECR and ECS, these service endpoints appear as elastic network interfaces with a private IP address in your VPC.

Before AWS PrivateLink, your Amazon EC2 instances had to use an internet gateway to download Docker images stored in ECR or communicate to the ECS control plane. Instances in a public subnet with a public IP address used the internet gateway directly. Instances in a private subnet used a network address translation (NAT) gateway hosted in a public subnet. The NAT gateway would then use the internet gateway to talk to ECR and ECS.

Full article at: https://aws.amazon.com/blogs/compute/setting-up-aws-privatelink-for-amazon-ecs-and-amazon-ecr/

Downloads

Private Link ECS and ECR.pptx (182 kb)

« Designing a modern serverless application with AWS Lambda and AWS Fargate Managing Microservice Deployments on AWS with HashiCorp Consul »