Posted On: Apr 4, 2019
Amazon Simple Notification Service (SNS) now supports VPC endpoint policies to control access to your Amazon SNS resources. When you create a VPC endpoint for Amazon SNS, you can attach an endpoint policy to define the SNS actions that can be performed, the IAM user or role that can perform the actions, and the SNS resources these actions can be performed on.
You can take advantage of Amazon VPC endpoints for Amazon SNS to publish messages to SNS topics, from Amazon Web Services resources in your VPC, without traversing the public internet. VPC endpoints are powered by Amazon PrivateLink, a highly available, scalable technology that enables you to privately connect your VPC to supported Amazon Web Services services.
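An added example, not part of the announcement and not AWS's own code: a small Python check that flags `Allow` statements in an endpoint policy whose action, principal or resource is left as a wildcard. It runs against a constructed allow-everything policy and a constructed policy scoped to `sns:Publish` by one IAM user on one topic; the account ID, user name and topic name are placeholders.

```python
import json

# Constructed sample policies. The account ID, user name and topic name are
# placeholders, not values from the announcement.
FULL_ACCESS = json.loads("""
{"Statement": [{"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]}
""")

SCOPED = json.loads("""
{"Statement": [{
  "Effect": "Allow",
  "Principal": {"AWS": "arn:aws:iam::123456789012:user/ExampleUser"},
  "Action": ["sns:Publish"],
  "Resource": "arn:aws:sns:us-east-2:123456789012:ExampleTopic"
}]}
""")


def _as_list(value):
    """Policy elements may be a single value or a list of values."""
    return value if isinstance(value, list) else [value]


def _principals(principal):
    """Flatten "*" or {"AWS": [...]} into a list of principal strings."""
    if isinstance(principal, dict):
        return [p for v in principal.values() for p in _as_list(v)]
    return _as_list(principal)


def audit_endpoint_policy(policy):
    """Return (statement index, element, value) for each unscoped Allow element."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            # "*" and "sns:*" both permit every SNS action through the endpoint.
            if action.lower() in ("*", "sns:*"):
                findings.append((i, "Action", action))
        for principal in _principals(stmt.get("Principal", [])):
            if principal == "*":
                findings.append((i, "Principal", principal))
        for resource in _as_list(stmt.get("Resource", [])):
            # Unscoped if the whole ARN or its trailing topic name is a wildcard.
            if resource == "*" or resource.endswith(":*"):
                findings.append((i, "Resource", resource))
    return findings
```

The check covers `Action`, `Principal` and `Resource` only; statements written with `NotAction`, `NotPrincipal` or `NotResource` need separate review.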
Amazon SNS and Amazon VPC PrivateLink are available in all commercial Regions, including the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. They are also available in the GovCloud (US-West) Region.
To learn more, see the following resources:
- Creating an Amazon VPC Endpoint Policy for Amazon SNS in the Amazon SNS Developer Guide
- Controlling Access to Services with VPC Endpoints in the Amazon Virtual Private Cloud Developer Guide