VPC Peering - Connect VPCs from the same or different AWS accounts (also across regions)
Allows private communication between the connected VPCs
Peering uses a request/accept protocol (Owner of requesting VPC sends a request)
Peering is not transitive. Peer VPCs cannot have overlapping address ranges.
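Two of the rules above are worth checking before sending a peering request: peer VPCs may not have overlapping CIDR blocks, and peering is not transitive (a VPC only reaches its direct peers). The following is an added example, not part of the original notes; the VPC ids, CIDR blocks and peering list are constructed sample values.

```python
"""Pre-flight checks for VPC peering (added example; sample data is constructed).

- overlapping_pairs / can_peer: AWS rejects a peering connection between VPCs
  whose address ranges overlap, so catch that before the request is sent.
- reachable_via_peering: models non-transitive reachability, i.e. only the
  VPCs with a direct, accepted peering connection are reachable privately.
"""
import ipaddress
from itertools import combinations

# Constructed inventory: VPC id -> primary CIDR block
VPCS = {
    "vpc-app": "10.0.0.0/16",
    "vpc-data": "10.1.0.0/16",
    "vpc-shared": "10.2.0.0/16",
    "vpc-legacy": "10.0.128.0/17",  # overlaps vpc-app on purpose
}

# Constructed list of accepted peering connections (unordered pairs)
PEERINGS = [("vpc-app", "vpc-shared"), ("vpc-data", "vpc-shared")]


def overlapping_pairs(vpcs):
    """Return sorted VPC pairs whose CIDR blocks overlap (cannot be peered)."""
    nets = {vid: ipaddress.ip_network(cidr) for vid, cidr in vpcs.items()}
    return sorted(
        (a, b) for a, b in combinations(sorted(nets), 2) if nets[a].overlaps(nets[b])
    )


def can_peer(vpcs, a, b):
    """True when a peering request between VPCs a and b could be accepted."""
    na = ipaddress.ip_network(vpcs[a])
    nb = ipaddress.ip_network(vpcs[b])
    return a != b and not na.overlaps(nb)


def reachable_via_peering(peerings, vpc):
    """VPCs that `vpc` can reach over peering.

    Peering is not transitive, so this deliberately does NOT walk the graph:
    only direct peers count. A VPC that is reachable only through a middle VPC
    needs its own peering connection.
    """
    direct = set()
    for x, y in peerings:
        if x == vpc:
            direct.add(y)
        elif y == vpc:
            direct.add(x)
    return sorted(direct)


def transitive_closure(peerings, vpc):
    """What one would get if peering were transitive; shown only to contrast
    with reachable_via_peering, it is NOT how AWS routes traffic."""
    seen, stack = set(), [vpc]
    while stack:
        cur = stack.pop()
        for nxt in reachable_via_peering(peerings, cur):
            if nxt != vpc and nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return sorted(seen)


if __name__ == "__main__":
    print("overlapping pairs:", overlapping_pairs(VPCS))
    print("app can peer legacy:", can_peer(VPCS, "vpc-app", "vpc-legacy"))
    print("app reaches (real):", reachable_via_peering(PEERINGS, "vpc-app"))
    print("app would reach if transitive:", transitive_closure(PEERINGS, "vpc-app"))
```

With the sample data, vpc-app can reach vpc-shared but not vpc-data, even though vpc-shared is peered with both; the overlap check flags vpc-app and vpc-legacy as unpeerable.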
VPC Endpoint - Securely connect your VPC to another service
Gateway endpoint: Securely connect to Amazon S3 and DynamoDB
Endpoint serves as a target in your route table for traffic
Control access to the endpoint with endpoint policies, IAM identity policies and resource policies
Interface endpoint: Securely connect to a selected list of AWS services
Powered by PrivateLink (keeps network traffic within AWS network)
Needs an elastic network interface (ENI) (entry point for traffic)
(Avoid DDoS & MITM attacks) Traffic does NOT go through the internet
(Simple) Does NOT need Internet Gateway, VPN or NAT
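For a gateway endpoint the two things to get right are the route (the service prefix list must point at the vpce target in the subnet's route table) and the endpoint policy (the default policy allows full access to the service). The following is an added example, not from the original notes: it builds a least-privilege S3 endpoint policy and checks a route table in the shape of `describe-route-tables` output. Bucket names, the prefix-list id, the endpoint id and the organization id are constructed placeholders.

```python
"""Gateway endpoint hygiene: least-privilege endpoint policy and route check.
Added example with constructed sample data (ids below are placeholders)."""
import ipaddress
import json


def s3_gateway_endpoint_policy(buckets, org_id=None):
    """Endpoint policy that only lets traffic through the endpoint reach the
    named buckets, optionally only for principals in one AWS Organization
    (aws:PrincipalOrgID). Replaces the permissive default policy."""
    resources = []
    for bucket in buckets:
        resources += [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"]
    statement = {
        "Sid": "AllowOnlyApprovedBuckets",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:PutObject", "s3:ListBucket"],
        "Resource": resources,
    }
    if org_id:
        statement["Condition"] = {"StringEquals": {"aws:PrincipalOrgID": org_id}}
    return {"Version": "2012-10-17", "Statement": [statement]}


def find_endpoint_routes(route_table, service_prefix_list_id):
    """Active routes that send the service's prefix list to a gateway endpoint."""
    return [
        r for r in route_table.get("Routes", [])
        if r.get("DestinationPrefixListId") == service_prefix_list_id
        and str(r.get("GatewayId", "")).startswith("vpce-")
        and r.get("State") == "active"
    ]


def has_internet_route(route_table):
    """True if a default route goes to an internet gateway or NAT gateway.
    A gateway endpoint needs neither, so a private subnet can legitimately
    have no such route and still reach S3/DynamoDB."""
    for r in route_table.get("Routes", []):
        dst = r.get("DestinationCidrBlock")
        if dst and ipaddress.ip_network(dst, strict=False).prefixlen == 0:
            target = r.get("GatewayId") or r.get("NatGatewayId") or ""
            if target.startswith(("igw-", "nat-")):
                return True
    return False


def endpoint_check(route_table, service_prefix_list_id):
    """Summary a reviewer would want for one route table."""
    return {
        "service_via_endpoint": bool(find_endpoint_routes(route_table, service_prefix_list_id)),
        "has_internet_route": has_internet_route(route_table),
    }


# Constructed private-subnet route table (describe-route-tables shape).
SAMPLE_ROUTE_TABLE = {
    "RouteTableId": "rtb-0placeholder",
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationPrefixListId": "pl-0placeholder", "GatewayId": "vpce-0placeholder", "State": "active"},
    ],
}
S3_PREFIX_LIST = "pl-0placeholder"  # placeholder for the regional S3 prefix list id


if __name__ == "__main__":
    policy = s3_gateway_endpoint_policy(["app-data-bucket"], org_id="o-placeholder")
    print(json.dumps(policy, indent=2))
    print(endpoint_check(SAMPLE_ROUTE_TABLE, S3_PREFIX_LIST))
```

The route check reports the sample table as reaching S3 through the endpoint with no internet route at all, which is the expected state for a private subnet using a gateway endpoint.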